Bug 1160358

Summary: subscription-manager from consumer doesn't know how to handle a satellite6 installed with cname
Product: Red Hat Satellite Reporter: Dave Sullivan <dsulliva>
Component: Subscription ManagementAssignee: Katello Bug Bin <katello-bugs>
Status: CLOSED DUPLICATE QA Contact: Katello QA List <katello-qa-list>
Severity: high Docs Contact:
Priority: high    
Version: 6.0.3CC: ahogbin, alikins, egolov, kcleveng, mmccune
Target Milestone: UnspecifiedKeywords: Reopened, Triaged
Target Release: Unused   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-07-10 18:16:30 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dave Sullivan 2014-11-04 15:39:21 UTC 
Description of problem:

satellite fqdn: abc123-us.acme.com
satellite cname: satellite.nomura.com


I have installed my satellite 6 with CNAME “satellite.acme.com” and created all required certificates using 

katello-installer --foreman-db-password foreman --foreman-db-username foreman --katello-proxy-url http://applicationwebproxy.acme.com --katello-proxy-port 8080 --certs-ca-common-name "satellite.acme.com" --certs-node-fqdn "satellite.acme.com" --capsule-parent-fqdn "satellite.acme.com" --foreman-foreman-url="https://satellite.acme.com" --foreman-admin-password changeme

 

Now when I try to register consumer I am getting some error …  did I miss something ?
 

[root@xyz123 product]# subscription-manager register --org ACME --name=xyz123.acme.com

Username: admin

Password:

Peer certificate subjectAltName does not match host, expected abc123-us.acme.com, got DNS:satellite.nomura.com


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

This can be worked around by modifying /etc/rhsm/rhsm.conf on the consumer to point to the cname

hostname = satellite.acme.com
Comment 2 Mike McCune 2014-11-06 16:34:22 UTC 
We require a FQDN and not a CName for Satellite as noted in our Installation Guide:

https://access.redhat.com/documentation/en-US/Red_Hat_Satellite/6.0/html-single/Installation_Guide/index.html#Prerequisites3

We are unlikely to change this in the near term and this could be considered an RFE if it is a feature we should evaluate. If you feel we should re-evaluate this bug as an RFE feel free to re-open with justification.
Comment 4 Dave Sullivan 2015-07-25 19:59:16 UTC 
If cluster is handling hostname/vip movement cnames are not necessarily needed dns A records could be used instead.

Which makes this a little less important.
Comment 7 Bryan Kearney 2016-07-08 20:20:41 UTC 
Per 6.3 planning, moving out non acked bugs to the backlog