Bug 529460

Summary: Disconnected satellite - certificate import through web interface not working
Product: Red Hat Satellite 5 Reporter: Xixi <xdmoon>
Component: ServerAssignee: Tomas Lestach <tlestach>
Status: CLOSED CURRENTRELEASE QA Contact: Martin Minar <mminar>
Severity: medium Docs Contact:
Priority: medium    
Version: 530CC: cperry, mkoci, mminar, tlestach, xdmoon
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-10-28 14:46:10 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 487678    

Description Xixi 2009-10-16 22:24:59 UTC 
Description of problem:
Activating a satellite certificate via the webUI on a disconnected satellite fails. This is with:
/etc/rhn.conf has an empty satellite parent set (by installer)
/etc/rhn.conf has disconnected=1 (by installer)

Version-Release number of selected component (if applicable):
Red Hat Network (RHN) Satellite 5.3.0

System architecture(s):
RHEL5.3 x86_64 

How reproducible:
Always.

Steps to Reproduce:
1. Install a new 5.3.0 satellite or set an existing one to disconnected mode - in /etc/rhn/rhn.conf have "server.satellite.rhn_parent = " and "disconnected = 1", restart tomcat if necessary.
3. Go to Admin -> Satellite Configuration -> Certificate on satellite web ui: https://FQDN/rhn/admin/config/CertificateConfig.do
4. Try to activate a cert.

Actual results:
Activation fails with "Unhandled error, see log file for more details." on UI and the following error in logs:
2009-10-16 17:49:23,125 [TP-Processor5] ERROR com.redhat.rhn.manager.satellite.SystemCommandExecutor - Error encountered executing (args=[/usr/bin/sudo, /usr/bin/rhn-satellite-activate, --rhn-cert, /usr/share/tomcat5/temp/cert_textbLENCd0pMUKxw.cert])
2009-10-16 17:49:23,186 [TP-Processor5] ERROR com.redhat.rhn.manager.satellite.SystemCommandExecutor - Error message from process: ERROR: rhn_parent is not set in /etc/rhn/rhn.conf

Expected results:
Activation succeeds.

Additional info:
If you set a non-null parent e.g., "server.satellite.rhn_parent = satellite.rhn.redhat.com" in /etc/rhn/rhn.conf then activation succeeds with "Certificate uploaded. RHN Satellite has been re-activated."

This is possible workaround, command line activation is another.
Comment 2 Xixi 2009-10-17 01:55:05 UTC 
From code:

spacewalk-java-0.5.44/code/src/com/redhat/rhn/manager/satellite/ConfigureCertificateCommand.java:
...
      args.add("/usr/bin/rhn-satellite-activate");
      args.add("--rhn-cert");
      args.add(getCertificateFileName());
      if (ConfigDefaults.get().isDisconnected()) {
          args.add("--disconnected");
      }
...

spacewalk-java-0.5.44/code/src/com/redhat/rhn/common/conf/ConfigDefaults.java:
...
    /**
     * Check if this Sat is disconnected or not
     * @return boolean if this sat is disconnected or not
     */
    public boolean isDisconnected() {
        return (this.getString(SATELLITE_PARENT) != null);
    }
...

This seems odd - it thinks it's a disconnected satellite if server.satellite.rhn_parent in rhn.conf is *empty*, which doesn't make sense. And this should probably be get DISCONNECTED and not SATELLITE_PARENT.
Comment 6 Tomas Lestach 2010-01-25 15:58:56 UTC 
Thank you for the correct patch.

spacewalk.git: 5d4b81de2bda279872cf341cb750a4e397817b55

However, if a satellite is installed as disconnected, server.satellite.rhn_parent won't be set be the installer and it has to be entered manually, when activating the satellite (even via webui).
Comment 8 Tomas Lestach 2010-10-21 07:45:32 UTC 
# egrep '(\.rhn_parent|disconnected)' /etc/rhn/rhn.conf
server.satellite.rhn_parent = 
disconnected=1
I uploaded the certificate both - via file and text - Certificate Update in both cases successful: "Certificate uploaded. RHN Satellite has been re-activated."

STAGE VALIDATED on Satellite-5.4.0-RHEL5-re20101019.0
Comment 9 Clifford Perry 2010-10-28 14:41:35 UTC 
The 5.4.0 RHN Satellite and RHN Proxy release has occurred. This issue has been resolved with this release. 


RHEA-2010:0801 - RHN Satellite Server 5.4.0 Upgrade
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10332

RHEA-2010:0803 - RHN Tools enhancement update
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10333

RHEA-2010:0802 - RHN Proxy Server 5.4.0 bug fix update
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10334

RHEA-2010:0800 - RHN Satellite Server 5.4.0
https://rhn.redhat.com/rhn/errata/details/Details.do?eid=10335

Docs are available:

http://docs.redhat.com/docs/en-US/Red_Hat_Network_Satellite/index.html 

Regards,
Clifford