Description of problem: satellite fqdn: abc123-us.acme.com satellite cname: satellite.nomura.com I have installed my satellite 6 with CNAME “satellite.acme.com” and created all required certificates using katello-installer --foreman-db-password foreman --foreman-db-username foreman --katello-proxy-url http://applicationwebproxy.acme.com --katello-proxy-port 8080 --certs-ca-common-name "satellite.acme.com" --certs-node-fqdn "satellite.acme.com" --capsule-parent-fqdn "satellite.acme.com" --foreman-foreman-url="https://satellite.acme.com" --foreman-admin-password changeme Now when I try to register consumer I am getting some error … did I miss something ? [root@xyz123 product]# subscription-manager register --org ACME --name=xyz123.acme.com Username: admin Password: Peer certificate subjectAltName does not match host, expected abc123-us.acme.com, got DNS:satellite.nomura.com Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: This can be worked around by modifying /etc/rhsm/rhsm.conf on the consumer to point to the cname hostname = satellite.acme.com
We require a FQDN and not a CName for Satellite as noted in our Installation Guide: https://access.redhat.com/documentation/en-US/Red_Hat_Satellite/6.0/html-single/Installation_Guide/index.html#Prerequisites3 We are unlikely to change this in the near term and this could be considered an RFE if it is a feature we should evaluate. If you feel we should re-evaluate this bug as an RFE feel free to re-open with justification.
If cluster is handling hostname/vip movement cnames are not necessarily needed dns A records could be used instead. Which makes this a little less important.
Per 6.3 planning, moving out non acked bugs to the backlog