Bug 1706277
| Summary: | katello-certs-check output print foreman-installer/ katello/foreman-proxy-certs-generate on sat 6.6 | ||
|---|---|---|---|
| Product: | Red Hat Satellite | Reporter: | Nikhil Kathole <nkathole> |
| Component: | Certificates | Assignee: | Chris Roberts <chrobert> |
| Status: | CLOSED ERRATA | QA Contact: | Nikhil Kathole <nkathole> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.6.0 | CC: | chrobert, zhunting |
| Target Milestone: | 6.6.0 | Keywords: | Regression, Triaged |
| Target Release: | Unused | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | foreman-installer-1.22.0.6-1 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-10-22 12:47:30 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
FailedQA
Version tested:
Satellite 6.6.0 snap 9
# rpm -qa | grep installer
foreman-installer-1.22.0.5-1.el7sat.noarch
foreman-installer-katello-1.22.0.5-1.el7sat.noarch
satellite-installer-6.6.0.12-1.beta.el7sat.noarch
For satellite:
Validation succeeded
To install the Red Hat Satellite Server with the custom certificates, run:
satellite-installer --scenario satellite \
--certs-server-cert "/root/server.valid.crt" \
--certs-server-key "/root/server.key" \
--certs-server-ca-cert "/root/rootCA.pem"
To update the certificates on a currently running Red Hat Satellite installation, run:
satellite-installer --scenario satellite \
--certs-server-cert "/root/server.valid.crt" \
--certs-server-key "/root/server.key" \
--certs-server-ca-cert "/root/rootCA.pem" \
--certs-update-server --certs-update-server-ca
For capsule:
To use them inside a NEW $CAPSULE, run this command:
foreman-proxy-certs-generate --foreman-proxy-fqdn "$CAPSULE" \
--certs-tar "~/$CAPSULE-certs.tar" \
--server-cert "/root/server.valid.crt" \
--server-key "/root/server.key" \
--server-ca-cert "/root/rootCA.pem" \
To use them inside an EXISTING $CAPSULE, run this command INSTEAD:
foreman-proxy-certs-generate --foreman-proxy-fqdn "$CAPSULE" \
--certs-tar "~/$CAPSULE-certs.tar" \
--server-cert "/root/server.valid.crt" \
--server-key "/root/server.key" \
--server-ca-cert "/root/rootCA.pem" \
--certs-update-server
foreman-proxy-certs-generate should replaced with capsule-certs-generate.
VERIFIED
version tested:
Satellite 6.6.0 snap 10
To install the Red Hat Satellite Server with the custom certificates, run:
satellite-installer --scenario satellite \
--certs-server-cert "/root/server.valid.crt" \
--certs-server-key "/root/server.key" \
--certs-server-ca-cert "/root/rootCA.pem"
To update the certificates on a currently running Red Hat Satellite installation, run:
satellite-installer --scenario satellite \
--certs-server-cert "/root/server.valid.crt" \
--certs-server-key "/root/server.key" \
--certs-server-ca-cert "/root/rootCA.pem" \
--certs-update-server --certs-update-server-ca
To use them inside a NEW $CAPSULE, run this command:
capsule-certs-generate --foreman-proxy-fqdn "$CAPSULE" \
--certs-tar "~/$CAPSULE-certs.tar" \
--server-cert "/root/server.valid.crt" \
--server-key "/root/server.key" \
--server-ca-cert "/root/rootCA.pem" \
To use them inside an EXISTING $CAPSULE, run this command INSTEAD:
capsule-certs-generate --foreman-proxy-fqdn "$CAPSULE" \
--certs-tar "~/$CAPSULE-certs.tar" \
--server-cert "/root/server.valid.crt" \
--server-key "/root/server.key" \
--server-ca-cert "/root/rootCA.pem" \
--certs-update-server
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2019:3172 |
Description of problem: To install the Katello main server with the custom certificates, run: foreman-installer --scenario katello \ --certs-server-cert "/root/server.valid.crt" \ --certs-server-key "/root/server.key" \ --certs-server-ca-cert "/root/rootCA.pem" To update the certificates on a currently running Katello installation, run: foreman-installer --scenario katello \ --certs-server-cert "/root/server.valid.crt" \ --certs-server-key "/root/server.key" \ --certs-server-ca-cert "/root/rootCA.pem" \ --certs-update-server --certs-update-server-ca To use them inside a NEW $FOREMAN_PROXY, run this command: foreman-proxy-certs-generate --foreman-proxy-fqdn "$FOREMAN_PROXY" \ --certs-tar "~/$FOREMAN_PROXY-certs.tar" \ --server-cert "/root/server.valid.crt" \ --server-key "/root/server.key" \ --server-ca-cert "/root/rootCA.pem" \ To use them inside an EXISTING $FOREMAN_PROXY, run this command INSTEAD: foreman-proxy-certs-generate --foreman-proxy-fqdn "$FOREMAN_PROXY" \ --certs-tar "~/$FOREMAN_PROXY-certs.tar" \ --server-cert "/root/server.valid.crt" \ --server-key "/root/server.key" \ --server-ca-cert "/root/rootCA.pem" \ --certs-update-server Version-Release number of selected component (if applicable): Satellite 6.6 snap 1 How reproducible: always Steps to Reproduce: 1.katello-certs-check -c server.valid.crt -k server.key -b rootCA.pem Actual results: Output has upstream names foreman-proxy-certs-generate/FOREMAN-PROXY/foreman-installer/katello. Expected results: Output should use capsule-certs-generate/CAPSULE/satellite-installer/satellite. Additional info: