Bug 472604

Summary: Installing proxy 5.2 on RHEL 5 through the web UI leaves SSL improperly configured
Product: [Retired] Red Hat Network Reporter: Xixi <xdmoon>
Component: RHN/Web SiteAssignee: Grant Gainey <ggainey>
Status: CLOSED CURRENTRELEASE QA Contact: Stephen Herr <sherr>
Severity: medium Docs Contact:
Priority: medium    
Version: rhn508CC: bperkins, cperry, rhn-bugs, xdmoon
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: us=63483
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-01-28 19:53:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 472454    
Bug Blocks: 474175    
Attachments:
Description Flags
Patch from Satellite fix for this problem none

Comment 1 Xixi 2008-11-21 22:43:38 UTC 
Cloned from bug 472454 for RHN Hosted -

Description of problem:
After installing proxy 5.2 on RHEL 5 using the web UI installer, clients can't
connect to the proxy using SSL.  

Version-Release number of selected component (if applicable):
Proxy 5.2

How reproducible:


Steps to Reproduce:
1.  Install 5.2 proxy on RHEL 5 through the web UI from a 5.2 Satellite

Actual results:
Proxy server is using ssl certs in /etc/pki/certs/localhost.crt


Expected results:
Proxy server is using ssl certs in /etc/httpd/conf/*/

Additional info:

With RHEL 5 the /etc/httpd/conf.d/ssl.conf file started pointing to
/etc/pki/certs instead of /etc/httpd/conf/* for it's ssl.  The proxy 5.2 web
installer doesn't bother changing these entries (as it never had to for RHEL
4).  

---------------------------------------------------------
Workaround/manual fix until the official fix is released -

Change /etc/httpd/conf.d/ssl.conf so that these two lines:
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key

becomes 

SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key

Then save and restart rhn-proxy service.
Comment 2 Xixi 2008-11-21 22:44:32 UTC 
(In reply to comment #1)
> 1.  Install 5.2 proxy on RHEL 5 through the web UI from a 5.2 Satellite
Or from Red Hat Network (Hosted)
Comment 4 Amy Owens 2008-11-24 13:21:30 UTC 
user story: http://wwwapps.rdu.redhat.com:8080/xplanner/do/view/userstory?oid=63483
Comment 5 Grant Gainey 2008-12-03 15:18:39 UTC 
Created attachment 325546 [details]
Patch from Satellite fix for this problem