You're welcome. I also wrote a personal blog about replacing Spacewalk's self-signed certificates with Let's Encrypt certificates: https://omg.dje.li/2017/04/using-lets-encrypt-ssl-certificates-with-spacewalk/
I can't believe I wrote that almost 4 years ago! These days, I'd probably do it with acme.sh instead of certbot, but the process is still the same. :) From: <spacewalk-list-boun...@redhat.com> on behalf of "Peirce, Dean" <dean.pei...@cengage.com> Reply to: "spacewalk-list@redhat.com" <spacewalk-list@redhat.com> Date: Thursday, 4 February 2021 at 3:10 am To: "spacewalk-list@redhat.com" <spacewalk-list@redhat.com> Subject: Re: [Spacewalk-list] [External] : SSL certificate fun Thanks Avi! On Feb 2, 2021, at 10:27 PM, Avi Miller <avi.mil...@oracle.com<mailto:avi.mil...@oracle.com>> wrote: Our docs on replacing the SSL certificates has gone through extensive QA and might be useful as a reference: https://docs.oracle.com/en/operating-systems/oracle-linux-manager/2.10/install/chap-server-instup.html#replace-cert<https://urldefense.com/v3/__https:/docs.oracle.com/en/operating-systems/oracle-linux-manager/2.10/install/chap-server-instup.html*replace-cert__;Iw!!MXVguWEtGgZw!eRA5d467HFtfOxCU2nZONWl6rfrL5jvdp3tnVoYpIote8VrKuf8ZjiwjHHVegGi-BQ$> From: <spacewalk-list-boun...@redhat.com<mailto:spacewalk-list-boun...@redhat.com>> on behalf of "Peirce, Dean" <dean.pei...@cengage.com<mailto:dean.pei...@cengage.com>> Reply to: "spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>" <spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>> Date: Wednesday, 3 February 2021 at 10:28 am To: "spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>" <spacewalk-list@redhat.com<mailto:spacewalk-list@redhat.com>> Subject: [External] : [Spacewalk-list] SSL certificate fun Hi all, Its that time of year again, and we renewed our SSL cert for our spacewalk server. This year Jabberd won’t stay running for more than a second. I’m assuming that I missed a cert file somewhere, but I still cannot get jabber to cooperate. I’ve added the new cert files in: /etc/httpd/conf/… /etc/pki/spacewalk/jabberd/ /var/www/html/pub /usr/share/rhn/ sm.log shows: Tue Feb 2 11:23:42 2021 [notice] version: jabberd sm 2.6.1 Tue Feb 2 11:23:42 2021 [notice] [spacewalk.stage.name.com<https://urldefense.com/v3/__http:/spacewalk.stage.name.com__;!!GqivPVa7Brio!LQV8E4yLhjX3tRnmCfgHXvOYVvV7AT1jLP7bf1-Z5XgzlFus2DgrZrkMorLe9cpD$>] configured Tue Feb 2 11:23:42 2021 [notice] [spacewalk.stage.name.com<https://urldefense.com/v3/__http:/spacewalk.stage.name.com__;!!GqivPVa7Brio!LQV8E4yLhjX3tRnmCfgHXvOYVvV7AT1jLP7bf1-Z5XgzlFus2DgrZrkMorLe9cpD$>] configured Tue Feb 2 11:23:42 2021 [notice] [localhost.localdomain] configured Tue Feb 2 11:23:42 2021 [notice] attempting connection to router at xx.xxx.xx.xx: port=5347 Tue Feb 2 11:23:42 2021 [notice] shutting down Tue Feb 2 11:23:42 2021 [notice] connection to router closed c2s.log Tue Feb 2 11:23:42 2021 [notice] initialized auth module 'sqlite' Tue Feb 2 11:23:42 2021 [notice] starting up Tue Feb 2 11:23:42 2021 [info] process id is 1628, written to /var/lib/jabberd/pid/c2s.pid Tue Feb 2 11:23:42 2021 [notice] [spacewalk.stage.name.com<https://urldefense.com/v3/__http:/spacewalk.stage.name.com__;!!GqivPVa7Brio!LQV8E4yLhjX3tRnmCfgHXvOYVvV7AT1jLP7bf1-Z5XgzlFus2DgrZrkMorLe9cpD$>] configured; realm=, authreg=sqlite, registration enabled, using PEM:/etc/pki/spacewalk/jabberd/server.pem Tue Feb 2 11:23:42 2021 [notice] attempting connection to router at xx.xxx.xx.xx, port=5347 Tue Feb 2 11:23:42 2021 [notice] shutting down Tue Feb 2 11:23:42 2021 [notice] connection to router closed s2s.log Tue Feb 2 11:23:42 2021 [notice] starting up (interval=120, queue=60, keepalive=120, idle=200) Tue Feb 2 11:23:42 2021 [info] process id is 1620, written to /var/lib/jabberd/pid/s2s.pid Tue Feb 2 11:23:42 2021 [notice] attempting connection to router at xx.xxx.xx.xx, port=5347 Tue Feb 2 11:23:42 2021 [notice] [6] [router] write error: Connection refused (111) Tue Feb 2 11:23:42 2021 [notice] connection to router closed Thanks in advance for any assistance Dean _______________________________________________ Spacewalk-list mailing list Spacewalk-list@redhat.com<mailto:Spacewalk-list@redhat.com> https://urldefense.com/v3/__https://www.redhat.com/mailman/listinfo/spacewalk-list__;!!MXVguWEtGgZw!eRA5d467HFtfOxCU2nZONWl6rfrL5jvdp3tnVoYpIote8VrKuf8ZjiwjHHXvBqUx2Q$<https://urldefense.com/v3/__https:/www.redhat.com/mailman/listinfo/spacewalk-list__;!!MXVguWEtGgZw!eRA5d467HFtfOxCU2nZONWl6rfrL5jvdp3tnVoYpIote8VrKuf8ZjiwjHHXvBqUx2Q$>
_______________________________________________ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list
