Bug 1265394

Summary: Unauthorized: Invalid credentials for request
Product: Red Hat Enterprise Linux 7 Reporter: agilley
Component: python-rhsmAssignee: candlepin-bugs
Status: CLOSED NOTABUG QA Contact: John Sefler <jsefler>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 7.1CC: agilley, fnguyen
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-09-24 22:41:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
rhsm.log none

Description agilley 2015-09-22 19:46:41 UTC 
Created attachment 1075983 [details]
rhsm.log

Description of problem: Appears to be a reappearance of bug # 998033 

https://bugzilla.redhat.com/show_bug.cgi?id=998033

When trying to register a rhel 7.1 system a message returns with the error "Unauthorized: Invalid credentials for request"


Version-Release number of selected component (if applicable): RHEL 7.1


How reproducible: continuous 


Steps to Reproduce:
1. subscription-manager register 
2. subscription-manager register --username _______ --password _______
3. subscription-manager register --username _______ --password _______ --auto-attach

Actual results: Unauthorized: Invalid credentials for request


Expected results: Successful registration 


Additional info: /var/log/rhsm/rhsm.log is attached.
Comment 3 John Sefler 2015-09-23 12:48:34 UTC 
The top of your rhsm.log shows...
2015-09-20 03:26:04,121 [DEBUG] rhsmd @identity.py:131 - Loading consumer info from identity certificates.
2015-09-20 03:26:04,121 [DEBUG] rhsmd @identity.py:143 - Reload of consumer identity cert /etc/pki/consumer/cert.pem raised an exception with msg: [Errno 2] No such file or directory: '/etc/pki/consumer/key.pem'

A successful registration using subscription-manager will land two files...
/etc/pki/consumer/cert.pem
/etc/pki/consumer/key.pem

You appear to be missing the key.

I'll bet you registered a consumer using the customer portal web app and then downloaded the consumer cert and then copied it into /etc/pki/consumer/cert.pem.  I'll bet the key actually appended to the end of cert.pem.

On the other hand, I see this in the logs...
2015-09-21 08:45:32,291 [DEBUG] subscription-manager @connection.py:420 - Loaded CA certificates from /etc/rhsm/ca/: candlepin-stage.pem, redhat-uep.pem, katello-server-ca.pem

which indicates to me that you are probably registering to a katello server.  Maybe your katello server was re-deployed and now you have a bad ca cert and stale consumer.

Bottom line... you are missing etc/pki/consumer/key.pem
Comment 4 agilley 2015-09-24 22:41:38 UTC 
I completely missed that. Sorry for the bug report.