Bug 998950

Summary: RHSM does not use repo_ca_cert setting
Product: Red Hat Satellite Reporter: Rytis Sileika <rytis.sileika>
Component: katello-agentAssignee: Carter Kozak <ckozak>
Status: CLOSED DUPLICATE QA Contact: Katello QA List <katello-qa-list>
Severity: high Docs Contact:
Priority: unspecified    
Version: 6.0.0CC: bkearney, ckozak, mmccune, tomckay
Target Milestone: Unspecified   
Target Release: Unused   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-08-20 12:28:42 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 833466    

Description Rytis Sileika 2013-08-20 12:10:41 UTC 
Description of problem:

/etc/rhsm/rhsm.conf is pointing to correct certificate:

# grep repo_ca_cert /etc/rhsm/rhsm.conf
repo_ca_cert = %(ca_cert_dir)scandlepin-local.pem

But subscription manager config defaults to a default value:

# subscription-manager config | grep repo_ca_cert
   repo_ca_cert = [/etc/rhsm/ca/redhat-uep.pem]

This means that /etc/yum.repo.d/redhat.repo contains invalid certificate:

# grep sslcacert /etc/yum.repos.d/redhat.repo 
sslcacert = /etc/rhsm/ca/redhat-uep.pem
sslcacert = /etc/rhsm/ca/redhat-uep.pem
[...]

Version-Release number of selected component (if applicable):

subscription-manager-1.9.1-1.el6.x86_64

How reproducible:

Every time

Steps to Reproduce:
1. Install Katello 1.3 server
2. Kickstart a machine with RH6.4
3.

Actual results:


Expected results:


Additional info:

Works as expected with subscription-manager-1.1.23.1-1.el6_4.x86_64
Comment 1 Carter Kozak 2013-08-20 12:28:42 UTC 

*** This bug has been marked as a duplicate of bug 997194 ***