Bug 63788

Summary: Need SSL procedure for Satellite install
Product: Red Hat Satellite 5 Reporter: Matt Jamison <jamisonm>
Component: ServerAssignee: Mihai Ibanescu <mihai.ibanescu>
Status: CLOSED CURRENTRELEASE QA Contact: Fanny Augustin <fmoquete>
Severity: high Docs Contact:
Priority: medium    
Version: unspecifiedCC: alikins, gafton, gdk, jturner, mihai.ibanescu, pjones, taw
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-06-10 15:08:58 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Josef Komenda 2002-04-18 18:57:05 UTC 
Description of Problem: Currently, only able to register a client system using
http://. Need instructions and RPM's for installing server key and exporting
certificates to client systems. 


Version-Release number of selected component (if applicable): see bug 63780
Comment 1 Chip Turner 2002-04-23 15:39:22 UTC 
shouldn't this be assigned to misa?
Comment 2 Mihai Ibanescu 2002-05-08 17:46:23 UTC 
It's a matter of repackaging the two scripts we ship with the proxy code, within
the satellite (rhn/backend/proxy/certs)
Comment 3 Josef Komenda 2002-05-20 19:37:11 UTC 
SSL rpm rhns-certs-1.2.2-21 installed, but sign.sh fails to create RPMs for
client install. Output: 

[root@satellite root]# sh /var/www/rhns/sign.sh
Using configuration from openssl.cnf
Enter PEM pass phrase:
Check that the request matches the signature
Signature ok
The Subjects Distinguished Name is as follows
countryName           :PRINTABLE:'us'
stateOrProvinceName   :PRINTABLE:'nc'
localityName          :PRINTABLE:'raleigh'
organizationName      :PRINTABLE:'red hat'
organizationalUnitName:PRINTABLE:'rhn'
commonName            :PRINTABLE:'jkomenda'
emailAddress          :IA5STRING:'jkomenda'
Certificate is to be certified until May 20 19:23:38 2003 GMT (365 days)

Write out database with 1 new entries
Data Base Updated
Building rhns-proxy-ssl-cert-1.0-1.noarch.rpm
install: creating directory `/tmp/rhns-proxy-ssl-cert-1.0-build'
install: creating directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0'
server.crt ->
/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd/conf/ssl.crt/server.crt
mkdir: created directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc'
mkdir: created directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd'
mkdir: created directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd/conf'
mkdir: created directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd/conf/ssl.crt'
server.key ->
/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd/conf/ssl.key/server.key
mkdir: created directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd/conf/ssl.key'
/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0.tar.gz: No such file
or directory
Comment 4 Josef Komenda 2002-05-20 19:39:12 UTC 
If this is going to be the SSL package for Porxy and Satellite, the directories
it builds out should probably be more generic too.
Comment 5 Mihai Ibanescu 2002-06-10 15:08:52 UTC 
rhns-certs-tools is now more generic.
Comment 6 Josef Komenda 2002-06-12 16:05:07 UTC 
Proxy SSL procedure now works on Satellite. Client and browser can connect
securely. Closing.