On 03/13/18 20:30, Daryl Rose wrote:
> Alex,
>
>
> I just realized that I had more errors to look at. I didn't check the error
> log prior to my last update.
>
>
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.check_cert('Loading
> cert', <X509Name object '/C=US/ST=VA/L=Herndon/O=Network Solutions
> L.L.C./CN=Network Solutions OV Server CA 2'>)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0:
> rhnSQL/driver_postgresql.convert_named_query_params('Converting query for
> PostgreSQL: \n select id, password\n from rhnPushDispatcher\n
> where jabber_id like :jabber_id\n ',)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0:
> rhnSQL/driver_postgresql.convert_named_query_params('New query: \n select
> id, password\n from rhnPushDispatcher\n where jabber_id like
> %(jabber_id)s\n ',)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0:
> rhnSQL/driver_postgresql._execute_wrapper('Executing SQL: "\n select id,
> password\n from rhnPushDispatcher\n where jabber_id like
> %(jabber_id)s\n " with bind params: {jabber_id: rhn-dispatcher-sat%}',)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0:
> osad/jabber_lib.setup_connection('Connecting to', '<FQDN SW SERVER>')
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib._get_jabber_client
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0:
> osad/jabber_lib._get_jabber_client('Connecting to', '<FQDN SW SERVER>')
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.__init__
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.__init__
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.check_cert('Loading
> cert', <X509Name object '/C=US/ST=VA/L=Herndon/O=Network Solutions
> L.L.C./CN=Network Solutions OV Server CA 2'>)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.connect
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.connect('Attempting
> to connect',)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.process(300,)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.process('before
> select(); timeout', 299.99999904632568)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.process('select()
> returned',)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0:
> osad/jabber_lib._auth_dispatch(<jabber.xmlstream.Node instance at 0x24bf950>,)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.connect('Connected',)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.connect('Expecting
> features stanza, got:', <features><address xmlns =
> 'http://affinix.com/jabber/address' >::ffff:</address><auth xmlns =
> 'http://jabber.org/features/iq-auth' /><register xmlns =
> 'http://jabber.org/features/iq-register' /><starttls xmlns =
> 'urn:ietf:params:xml:ns:xmpp-tls' ><required /></starttls></features>)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.connect('starttls
> node', <jabber.xmlstream.Node instance at 0x25389e0>)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.process(None,)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.process('before
> select(); timeout', None)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.process('select()
> returned',)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0:
> osad/jabber_lib._auth_dispatch(<jabber.xmlstream.Node instance at 0x2538b90>,)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.connect('Expecting
> proceed stanza, got:', <proceed />)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.connect('Preparing
> for TLS handshake',)
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.connect('ERROR',
> 'Traceback caught:')
> 2018/03/13 14:24:59 -05:00 8164 0.0.0.0: osad/jabber_lib.main('ERROR', 'Error
> caught:')
>
> Anything here that might be a clue as to what is going on?
>
> Thanks
>
> Daryl
>
So your jabber cert seems to be /etc/pki/spacewalk/jabberd/server.pem
What does
openssl x509 -in /etc/pki/spacewalk/jabberd/server.pem -noout -enddate
-subject
tell?
Robert
> ________________________________
> From: [email protected] <[email protected]>
> on behalf of Daryl Rose <[email protected]>
> Sent: Tuesday, March 13, 2018 1:51 PM
> To: [email protected]
> Subject: Re: [Spacewalk-list] osa-dispatcher fails to start
>
>
> Alex,
>
>
> Sorry, can't/won't post /etc/hosts and /etc/sysconfig/network. Trust me when
> I say that he server name is fully qualified. Nothing in that regard has
> changed. My suspicion was and still is that it's the cert.
>
>
> Looking back on this, I realize that I should have kept the self-signed certs
> in place, but for some reason I had to use a signed cert. I used a doc that
> I found on Oracle explaining how to replace the self-signed certs with a CA
> signed cert.
>
>
> The cert expired in January. I posted a question asking if I have to
> re-register all of our clients with a new, updated cert. I was told no, that
> all I had to do was update the certificate for the WUI portion of SW.
> However, I see that the jabber certificate, server.pem, did expire in January.
>
>
> I replaced the server.pem cert with the one that was generated when I updated
> the cert earlier this year. I just now verified it against
> /var/www/html/pub/RHN-ORG-TRUSTED-SSL-CERT and it came back okay.
>
>
> openssl verify -CAfile /var/www/html/pub/RHN-ORG-TRUSTED-SSL-CERT
> /etc/pki/spacewalk/jabberd/server.pem
> /etc/pki/spacewalk/jabberd/server.pem: OK
>
>
> However, I still get the same error when starting the osa-dispatcher.
>
>
> --> <?xml version='1.0' encoding='UTF-8'?><stream:stream to='<FQDN SW
> SERVER>' xmlns='jabber:client'
> xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>
>
> <-- <features><address xmlns = 'http://affinix.com/jabber/address'
> >::ffff:<IP></address><auth xmlns = 'http://jabber.org/features/iq-auth'
> /><register xmlns = 'http://jabber.org/features/iq-register' /><starttls
> xmlns = 'urn:ietf:params:xml:ns:xmpp-tls' ><required /></starttls></features>
>
> <-- <proceed />
>
> Spacewalk 6928 2018/03/13 13:41:37 -05:00: ('Traceback caught:',)
> Spacewalk 6928 2018/03/13 13:41:37 -05:00: ('Error caught:',)
>
> ERROR: unhandled exception occurred: (can't write str to text stream).
>
>
> One question that I have, is what are these URL's?
>
> http://affinix.com/jabber/address
>
> http://jabber.org/features/iq-register
>
>
> I'm not knowledgeable in python, but it looks to me as if its registering
> with an external url and is using tls. First of, why is jabber registering
> with an external url? And, if it is, is it possible that the ca-certificates
> are out of date and need to be updated?
>
>
> Thanks
>
>
> Daryl
>
>
>
> ________________________________
> From: [email protected] <[email protected]>
> on behalf of Alexandru Raceanu <[email protected]>
> Sent: Tuesday, March 13, 2018 12:18 PM
> To: [email protected]
> Subject: Re: [Spacewalk-list] osa-dispatcher fails to start
>
> Can you post the /etc/hosts and /etc/sysconfig/network ?
> if not... check this one: https://access.redhat.com/solutions/327903
>
> /Alex
>
> ________________________________
> From: "Daryl Rose" <[email protected]>
> To: [email protected]
> Sent: Tuesday, March 13, 2018 4:22:41 PM
> Subject: Re: [Spacewalk-list] osa-dispatcher fails to start
>
>
> Yes, really, that was all.
>
>
> Here is the output from the very verbose osa-dispatcher start:
>
>
> /usr/sbin/osa-dispatcher -N -v -v -v -v -v -v -v
> --> <?xml version='1.0' encoding='UTF-8'?><stream:stream to='<FQDN SW
> SERVER>' xmlns='jabber:client'
> xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>
>
> <-- <features><address xmlns = 'http://affinix.com/jabber/address'
> >::ffff:10.255.0.6</address><auth xmlns =
> 'http://jabber.org/features/iq-auth' /><register xmlns =
> 'http://jabber.org/features/iq-register' /><starttls xmlns =
> 'urn:ietf:params:xml:ns:xmpp-tls' ><required /></starttls></features>
>
> <-- <proceed />
>
> Spacewalk 653 2018/03/13 10:18:35 -05:00: ('Traceback caught:',)
> Spacewalk 653 2018/03/13 10:18:35 -05:00: ('Error caught:',)
>
> ERROR: unhandled exception occurred: (can't write str to text stream).
>
> Thank you
>
>
> Daryl
>
> ________________________________
> From: [email protected] <[email protected]>
> on behalf of Paschedag, Robert <[email protected]>
> Sent: Tuesday, March 13, 2018 8:47 AM
> To: [email protected]
> Subject: Re: [Spacewalk-list] osa-dispatcher fails to start
>
>
> Is that really all??
>
>
>
> With this information only, it is impossible to help.
>
>
>
> You can try to run osa-dispatcher manually
>
>
>
> Stop it
>
>
>
> /etc/init.d/osa-dispatcher stop
>
>
>
> Run it manually
>
>
>
> /usr/sbin/osa-dispatcher -N -v -v -v -v -v -v -v
>
>
>
> and post errors you get.
>
>
>
> Robert
>
>
>
>
>
> Von: [email protected] <[email protected]> Im
> Auftrag von Daryl Rose
> Gesendet: Dienstag, 13. März 2018 14:14
> An: [email protected]
> Betreff: Re: [Spacewalk-list] osa-dispatcher fails to start
>
>
>
> Here are the requested entries.
>
>
>
> 2018/03/13 08:11:08 -05:00 45604 0.0.0.0: osad/jabber_lib.__init__
>
> 2018/03/13 08:11:08 -05:00 45604 0.0.0.0: osad/jabber_lib.connect('ERROR',
> 'Traceback caught:')
>
> 2018/03/13 08:11:08 -05:00 45604 0.0.0.0: osad/jabber_lib.main('ERROR',
> 'Error caught:')
>
>
>
> Thank you.
>
>
>
> Daryl
>
>
>
>
>
> ________________________________
>
> From:
> [email protected]<mailto:[email protected]>
> <[email protected]<mailto:[email protected]>>
> on behalf of Alexandru Raceanu <[email protected]<mailto:[email protected]>>
> Sent: Monday, March 12, 2018 12:52 PM
> To: [email protected]<mailto:[email protected]>
> Subject: Re: [Spacewalk-list] osa-dispatcher fails to start
>
>
>
> Can you provide the entries after a "/etc/init.d/osa-dispatcher restart" from
> /var/log/rhn/osa-dispatcher.log ?
>
>
>
> /Alex
>
>
>
>
>
> ________________________________
>
> From: "Daryl Rose" <[email protected]<mailto:[email protected]>>
> To: [email protected]<mailto:[email protected]>
> Sent: Monday, March 12, 2018 4:28:18 PM
> Subject: Re: [Spacewalk-list] osa-dispatcher fails to start
>
>
>
> I'm sorry, I just realized that I should have provided more information.
>
>
>
> 1. This is a RHEL 6.8 server
> 2. SW v2.6.
>
>
>
> Also, we use a signed cert and the certificate expired January. I inquired
> on this list and I was told that I only needed to update the cert for the
> website portion of the cert that they cert used to communicate between the
> systems did not need to be changed.
>
>
>
> I'm guessing its a cert issue from some of the research that I did, but I'm
> not sure what I should update, or if I really need to.
>
>
>
> Thanks
>
>
>
> Daryl
>
>
>
> ________________________________
>
> From:
> [email protected]<mailto:[email protected]>
> <[email protected]<mailto:[email protected]>>
> on behalf of Daryl Rose <[email protected]<mailto:[email protected]>>
> Sent: Monday, March 12, 2018 10:19 AM
> To: [email protected]<mailto:[email protected]>
> Subject: [Spacewalk-list] osa-dispatcher fails to start
>
>
>
> osa-dispatcher is down and won't start. I get the following error when
> trying to start it:
>
>
>
> Starting osa-dispatcher: Spacewalk 43238 2018/03/12 10:17:13 -05:00:
> ('Traceback caught:',)
>
> Spacewalk 43238 2018/03/12 10:17:13 -05:00: ('Error caught:',)
>
>
>
> ERROR: unhandled exception occurred: (can't write str to text stream).
>
> [FAILED]
>
>
>
> Any suggestions?
>
>
>
> Thanks
>
>
>
> Daryl
>
> _______________________________________________
> Spacewalk-list mailing list
> [email protected]<mailto:[email protected]>
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
> _______________________________________________
> Spacewalk-list mailing list
> [email protected]
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
>
>
> _______________________________________________
> Spacewalk-list mailing list
> [email protected]
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
_______________________________________________
Spacewalk-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/spacewalk-list
