Red Hat Bugzilla – Bug 1340323
Certificate errors when automating the installation of packages using subscription manager
Last modified: 2018-05-02 00:51:31 EDT
Description of problem:
I am unable to install packages when creating instances from a heat template due to SSL and certificate errors.
Version-Release number of selected component (if applicable):
Whatever comes in http://download.eng.bos.redhat.com/brewroot/packages/rhel-guest-image/7.2/20160302.0/images/rhel-guest-image-7.2-20160302.0.x86_64.qcow2
Steps to Reproduce:
1. wget http://download.eng.bos.redhat.com/brewroot/packages/rhel-guest-image/7.2/20160302.0/images/rhel-guest-image-7.2-20160302.0.x86_64.qcow2
Arrange for the following user_data to be passed to the openstack instance when it is created:
3. Watch the console
Out of the box I get:
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/repodata/repomd.xml: [Errno 14] curl#77 - "Problem with the SSL CA cert (path? access rights?)"
Running this before first trying to install:
sed -i 's/insecure.*/insecure = 1/' /etc/rhsm/rhsm.conf
sed -i 's/sslverify.*/sslverify = 0/' /etc/yum.repos.d/redhat.repo
Produces this instead:
https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/repodata/repomd.xml: [Errno 14] curl#58 - "unable to load client key: -8178 (SEC_ERROR_BAD_KEY)"
Package is installed
Even running the subscription-manager manually from a script:
subscription-manager register --username='rhn-engineering-XXXX' --password='mysecret'
subscription-manager attach --auto
yum install -y ntp
doesn't seem to help, even though it normally works from the
Perhaps it is something to do with the timing of the commands or the environment in which they are being executed.
I'm not sure I even know how to test this anymore.
I was doing it in the context of Heat and OSP and many moons ago