Bug 813812
| Summary: | Not deployed /etc/candlepin/certs/candlepin-ca.key at fresh install | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Retired] Katello | Reporter: | Larry Letelier <geek> | ||||
| Component: | Installer | Assignee: | Martin Bacovsky <mbacovsk> | ||||
| Status: | CLOSED WORKSFORME | QA Contact: | Katello QA List <katello-qa-list> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 2.0 | CC: | bkearney, gkhachik, mbacovsk | ||||
| Target Milestone: | --- | Keywords: | Triaged | ||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2012-05-28 12:59:27 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
I have reproduced this today. On a clean box do this: 1) Install katello (but do not run configure-katello yet) 2) grep SSLCertificateFile /etc/httpd/conf.d/katello.conf 3) service httpd restart So the lost ability to restart httpd is consequence, but also a different problem. We should be able to restart Apache httpd even when katello-configure was not issued yet. The problem was your katello-configure did not finish, so httpd was not properly configured. The consequence was solved: https://bugzilla.redhat.com/show_bug.cgi?id=814063 I am not sure why it failed for you. Martin? According to the logs puppet omitted step called "generate-ssl-qpid-client-certificate" for no apparent reason. According to the communication with reporter this was first run of katello-configure on that machine. I'll check puppet config for that particular version for any clues. So far I was not able to either reprodece or explain this issue. Was unable to reproduce and examination of logs was not helpful either. Closing. If the issue persist feel free to reopen this bug. |
Created attachment 578350 [details] katello-debug-output Description of problem: Can't run katello-configure normally: Version-Release number of selected component (if applicable): katello-glue-pulp-0.2.21-1.el6.noarch katello-cli-common-0.2.18-1.el6.noarch katello-0.2.21-1.el6.noarch katello-qpid-broker-key-pair-1.0-1.noarch katello-common-0.2.21-1.el6.noarch katello-glue-foreman-0.2.21-1.el6.noarch katello-configure-0.2.16-1.el6.noarch katello-candlepin-cert-key-pair-1.0-1.noarch katello-glue-candlepin-0.2.21-1.el6.noarch katello-certs-tools-1.1.5-1.el6.noarch katello-all-0.2.21-1.el6.noarch katello-cli-0.2.18-1.el6.noarch katello-repos-0.2.1-1.el6.noarch katello-selinux-0.2.4-1.el6.noarch [root@cloud tmp]# lsb_release -a LSB Version: :core-4.0-amd64:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-noarch Distributor ID: RedHatEnterpriseServer Description: Red Hat Enterprise Linux Server release 6.2 (Santiago) Release: 6.2 Codename: Santiago How reproducible: katello-configure --user-name=admin --user-pass=admin --org-name=Domain_SCL Starting Katello configuration The top-level log file is [/var/log/katello/katello-configure-20120417-170135/main.log] err: /Stage[main]/Certs::Config/Exec[deploy-ssl-qpid-client-certificate]/returns: change from notrun to 0 failed: rpm -qp /root/ssl-build/cloud.demo.preteco.com/$(grep noarch.rpm /root/ssl-build/cloud.demo.preteco.com/latest.txt) | xargs rpm -q; if [ $? -ne 0 ]; then rpm -Uvh --force /root/ssl-build/cloud.demo.preteco.com/$(grep qpid-client.*noarch.rpm /root/ssl-build/cloud.demo.preteco.com/latest.txt); fi returned 1 instead of one of [0] at /usr/share/katello/install/puppet/modules/certs/manifests/config.pp:303 err: /Stage[main]/Certs::Config/Exec[deploy-candlepin-certificate-to-cp]/returns: change from notrun to 0 failed: openssl x509 -in /usr/share/katello/candlepin-cert.crt -out /etc/candlepin/certs/candlepin-ca.crt; openssl rsa -in /root/ssl-build/candlepin-cert.key -out /etc/candlepin/certs/candlepin-ca.key -passin 'file:/etc/katello/candlepin_ca_password-file' returned 1 instead of one of [0] at /usr/share/katello/install/puppet/modules/certs/manifests/config.pp:175 } +Creating Katello database user ############################################################ ... OK Creating Katello database ############################################################ ... OK Creating Candlepin database user ############################################################ ... OK Creating Candlepin database ############################################################ ... OK Steps to Reproduce: 1. 2. 3. Actual results: httpd not start normally because he not have candlepin-ca.key [root@cloud tmp]# /etc/init.d/httpd start Iniciando httpd: Syntax error on line 11 of /etc/httpd/conf.d/katello.conf: SSLCertificateKeyFile: file '/etc/candlepin/certs/candlepin-ca.key' does not exist or is empty [FAILED] Expected results: Additional info: