Bug 2170829

Summary: The hammer\API way to generate host registration command is missing the insecure flag in Capsule installation guide
Product: Red Hat Satellite Reporter: Sayan Das <saydas>
Component: DocumentationAssignee: Malhar Jivrajani <mjivraja>
Documentation sub component: default QA Contact:
Status: CLOSED CURRENTRELEASE Docs Contact:
Severity: medium    
Priority: medium CC: mjivraja
Version: 6.13.0Keywords: Triaged
Target Milestone: Unspecified   
Target Release: Unused   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-05-11 05:29:37 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Sayan Das 2023-02-17 10:40:21 UTC 
Document URL: 

https://dxp-docp-prod.apps.ext-waf.spoke.prod.us-west-2.aws.paas.redhat.com/documentation/en-us/red_hat_satellite/6.13/html-single/installing_capsule_server/index?lb_target=preview

Section Number and Name: 

Chapter 2. Installing Capsule Server

2.1. Registering to Satellite Server

Procedure
  --> CLI Procedure
  --> API Procedure

Describe the issue: 

We mention this :

##############

CLI procedure

Generate the host registration command using the Hammer CLI:

# hammer host-registration generate-command \
--activation-keys "My_Activation_Key"

Connect to your host using SSH and run the registration command.

Check the /etc/yum.repos.d/redhat.repo file and ensure that the appropriate repositories have been enabled.

API procedure

Generate the host registration command using the Satellite API:

# curl -X POST https://satellite.example.com/api/registration_commands \
--user "My_User_Name" \
-H 'Content-Type: application/json' \
-d '{ "registration_command": { "activation_keys": ["My_Activation_Key_1, My_Activation_Key_2"] }}'


############


Both commands will work fine but The registration-command in the resulting output, cannot be executed on capsule to register it back to satellite. 

To rephrase my statement, The command is correct but missing the "insecure" option and without that, It will fail with error :

~~
curl: (60) SSL certificate problem: self signed certificate in certificate chain
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above. 
~~

Suggestions for improvement: 

Either,

Improve the hammer command to be :

# hammer host-registration generate-command \
--activation-keys "My_Activation_Key" \
--insecure 1

and Improve the API to be :

# curl -X POST https://satellite.example.com/api/registration_commands \
--user "My_User_Name" \
-H 'Content-Type: application/json' \
-d '{ "registration_command": { "activation_keys": ["My_Activation_Key_1, My_Activation_Key_2"], "insecure": "true" }}'


Or,

Mention a note that, User may additionally need to use --insecure flag while running the resulting registration command


Additional information: 

Please also check 6.11 and 6.12 docs if we need fixing there as well.
Comment 3 Malhar Jivrajani 2023-05-11 05:29:37 UTC 
Link to the updated and published documents: https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html/configuring_capsules_with_a_load_balancer/registering_clients_to_the_load_balancer_load-balancing#Registering_Clients_Using_Host_Registration_load-balancing