I too am having this issue.
I did a fresh install of spacewalk yesterday

apachectl -v
Server version: Apache/2.4.6 (CentOS)
Server built:   Apr 12 2017 21:03:28


On the client, if I edit the serverURL in /etc/sysconfig/rhn/up2date to either http or https it gives me the same error on yum check-update

http:
failed to retrieve repodata/repomd.xml from ****
error was [Errno 14] HTTP Error 400 - Bad Request

https
failed to retrieve repodata/repomd.xml from ****
error was [Errno 14] HTTPS Error 400 - Bad Request

additionally, I get D: local action status: ((6,), 'Fatal error in Python code occurred', {}) from rhn_check -vv

rhn_check -vv

D: do_call packages.checkNeedUpdate('rhnsd=1',){}
Loaded plugins: fastestmirror, rhnplugin
D: login(forceUpdate=False) invoked
D: readCachedLogin invoked
D: Checking pickled loginInfo, currentTime=1493177702.55, createTime=1493177520.76, expire-offset=3600.0
D: readCachedLogin(): using pickled loginInfo set to expire at 1493181120.76
D: rpcServer: Calling XMLRPC up2date.listChannels
This system is receiving updates from RHN Classic or Red Hat Satellite.
Loading mirror speeds from cached hostfile
 * base: mirror.netflash.net
 * epel: mirror.steadfast.net
 * extras: centos.mirror.rafal.ca
 * updates: mirror.csclub.uwaterloo.ca
updateLoginInfo() login info
D: login(forceUpdate=True) invoked
logging into up2date server
D: rpcServer: Calling XMLRPC up2date.login
D: writeCachedLogin() invoked
D: Wrote pickled loginInfo at 1493177705.25 with expiration of 1493181305.25 seconds.
successfully retrieved authentication token from up2date server
D: logininfo:{'X-RHN-Server-Id': 1000010002, 'X-RHN-Auth-Server-Time': '1493177706.24', 'X-RHN-Auth-Channels': [['centos7_parent', '20170425161252', '1', '1'], ['centos7', '20170425161948', '0', '1']], 'X-RHN-Auth': 'CXy/TcybsxQtQG1DkALcWy2GDW/ceJz9flgU4lXOsRs=', 'X-RHN-Auth-User-Id': '', 'X-RHN-Auth-Expire-Offset': '3600.0'}
updateLoginInfo() login info
D: login(forceUpdate=True) invoked
logging into up2date server
D: rpcServer: Calling XMLRPC up2date.login
D: writeCachedLogin() invoked
D: Wrote pickled loginInfo at 1493177705.29 with expiration of 1493181305.29 seconds.
successfully retrieved authentication token from up2date server
D: logininfo:{'X-RHN-Server-Id': 1000010002, 'X-RHN-Auth-Server-Time': '1493177706.27', 'X-RHN-Auth-Channels': [['centos7_parent', '20170425161252', '1', '1'], ['centos7', '20170425161948', '0', '1']], 'X-RHN-Auth': 'w9GnU+NtfqOO5uc7e6VQGJCd664a4kzfNJ/pBgO4ya8=', 'X-RHN-Auth-User-Id': '', 'X-RHN-Auth-Expire-Offset': '3600.0'}
updateLoginInfo() login info
D: login(forceUpdate=True) invoked
logging into up2date server
D: rpcServer: Calling XMLRPC up2date.login
D: writeCachedLogin() invoked
D: Wrote pickled loginInfo at 1493177705.34 with expiration of 1493181305.34 seconds.
successfully retrieved authentication token from up2date server
D: logininfo:{'X-RHN-Server-Id': 1000010002, 'X-RHN-Auth-Server-Time': '1493177706.33', 'X-RHN-Auth-Channels': [['centos7_parent', '20170425161252', '1', '1'], ['centos7', '20170425161948', '0', '1']], 'X-RHN-Auth': 'J0Lvv2Vwu3SNSMw4y5ws+k7tMyLcWwzZLPorNEPJYU8=', 'X-RHN-Auth-User-Id': '', 'X-RHN-Auth-Expire-Offset': '3600.0'}
D: local action status: ((6,), 'Fatal error in Python code occurred', {})
D: rpcServer: Calling XMLRPC registration.welcome_message



also tried visiting the url in web browser. output is below.

Request URL:http://[my spacewalk fqdn]/XMLRPC/GET-REQ/centos7/repodata/repomd.xml
Request Method:GET
Status Code:405 Method Not Allowed
Remote Address:[spacewalk server ip address]:80
Referrer Policy:no-referrer-when-downgrade

same response with wget.


for comparison to the above packages, here is my package list as well

client:
rpm -qa|egrep 'rhn|spacewalk'
rhn-client-tools-2.6.8-1.el7.noarch
rhn-setup-2.6.8-1.el7.noarch
rhn-check-2.6.8-1.el7.noarch
rhn-org-trusted-ssl-cert-1.0-1.noarch
spacewalk-backend-usix-2.6.77-1.el7.noarch
rhncfg-client-5.10.99-1.el7.noarch
rhncfg-management-5.10.99-1.el7.noarch
spacewalk-client-repo-2.6-0.el7.noarch
rhnlib-2.6.3-1.el7.noarch
yum-rhn-plugin-2.6.3-1.el7.noarch
rhnsd-5.0.25-1.el7.x86_64
rhncfg-5.10.99-1.el7.noarch
rhncfg-actions-5.10.99-1.el7.noarch


server:
rpm -qa|egrep 'httpd|spacewalk|rhn'|sort
httpd-2.4.6-45.el7.centos.4.x86_64
httpd-tools-2.4.6-45.el7.centos.4.x86_64
rhn-client-tools-2.6.8-1.el7.noarch
rhnlib-2.6.3-1.el7.noarch
rhn-org-httpd-ssl-key-pair-spacewalk.lab-1.0-1.noarch
rhnpush-5.5.101-1.el7.noarch
spacewalk-admin-2.6.1-1.el7.noarch
spacewalk-backend-2.6.77-1.el7.noarch
spacewalk-backend-app-2.6.77-1.el7.noarch
spacewalk-backend-applet-2.6.77-1.el7.noarch
spacewalk-backend-config-files-2.6.77-1.el7.noarch
spacewalk-backend-config-files-common-2.6.77-1.el7.noarch
spacewalk-backend-config-files-tool-2.6.77-1.el7.noarch
spacewalk-backend-iss-2.6.77-1.el7.noarch
spacewalk-backend-iss-export-2.6.77-1.el7.noarch
spacewalk-backend-libs-2.6.77-1.el7.noarch
spacewalk-backend-package-push-server-2.6.77-1.el7.noarch
spacewalk-backend-server-2.6.77-1.el7.noarch
spacewalk-backend-sql-2.6.77-1.el7.noarch
spacewalk-backend-sql-postgresql-2.6.77-1.el7.noarch
spacewalk-backend-tools-2.6.77-1.el7.noarch
spacewalk-backend-usix-2.6.77-1.el7.noarch
spacewalk-backend-xml-export-libs-2.6.77-1.el7.noarch
spacewalk-backend-xmlrpc-2.6.77-1.el7.noarch
spacewalk-base-2.6.6-1.el7.noarch
spacewalk-base-minimal-2.6.6-1.el7.noarch
spacewalk-base-minimal-config-2.6.6-1.el7.noarch
spacewalk-branding-2.5.3-1.el7.noarch
spacewalk-certs-tools-2.5.3-1.el7.noarch
spacewalk-common-2.6.1-1.el7.noarch
spacewalk-config-2.6.5-1.el7.noarch
spacewalk-doc-indexes-2.6.2-1.el7.noarch
spacewalk-html-2.6.6-1.el7.noarch
spacewalk-java-2.6.49-1.el7.noarch
spacewalk-java-config-2.6.49-1.el7.noarch
spacewalk-java-lib-2.6.49-1.el7.noarch
spacewalk-java-postgresql-2.6.49-1.el7.noarch
spacewalk-jpp-workaround-2.3.5-1.el7.noarch
spacewalk-postgresql-2.6.1-1.el7.noarch
spacewalk-repo-2.6-0.el7.noarch
spacewalk-schema-2.6.17-1.el7.noarch
spacewalk-search-2.6.1-1.el7.noarch
spacewalk-selinux-2.3.2-1.el7.noarch
spacewalk-setup-2.6.2-1.el7.noarch
spacewalk-setup-jabberd-2.3.2-1.el7.noarch
spacewalk-setup-postgresql-2.6.2-1.el7.noarch
spacewalk-taskomatic-2.6.49-1.el7.noarch


i hope this additional information helps

So what's happening here is the result of an update to httpd, that enforces strict whitespace rules, that uncovered a bug in yum-rhn-plugin that was introduced in 2010.

(THhe spacewalk commit that started us down this path, for anyone who is interested, is 213b97e38dd75007281b37e3180dc68b736f2fac )

yum-rhn-plugin has been fixed, but a client without the fix yet won't be able to call home to *get* the fix, if the server has the new httpd.

There are two workarounds available:

One is to downgrade httpd to something *before* 2.4.25.

The other is to add an httpd config option that *turns off" strict-whitespace-enforcing until all your clients have a corrected yum-rhn-plugin. You can do that with the following:

# echo “HTTPProtocolOptions unsafe” >> /etc/httpd/conf.d/123unsafe.conf; systemctl restart httpd

That will put httpd back to its pre-2.4.25 behavior.

spacewalk-nightly has both fixes, so they will be standard when 2.7 is released

Hi Grant

I have tested and confirmed it works. I did believe that it was related to the strict whitespace rules but then I saw in 

/etc/httpd/conf.d/aa-spacewalk-server.conf

<IfVersion >= 2.4.25>
  HTTPProtocolOptions unsafe
</IfVersion>

<IfDefine _RH_HAS_HTTPPROTOCOLOPTIONS>
  HTTPProtocolOptions unsafe
</IfDefine>

so I thought it was already covered by those.

the above fix seems more global.

thanks for your help

The latest httpd on RHEL7 is 
Available Packages
Name        : httpd
Arch        : x86_64
Version     : 2.4.6
Release     : 45.el7_3.4
Size        : 1.2 M
Repo        : rhel-x86_64-server-7
Summary     : Apache HTTP Server
License     : ASL 2.0
Description : The Apache HTTP Server is a powerful, efficient, and extensible
            : web server.


So the strict whitespaceing must have been backported in this latest release - and the version macro cannot catch this

(In reply to vinzenz.meier from comment #4)
> The latest httpd on RHEL7 is 
> Available Packages
> Name        : httpd
> Arch        : x86_64
> Version     : 2.4.6
> Release     : 45.el7_3.4
> Size        : 1.2 M
> Repo        : rhel-x86_64-server-7
> Summary     : Apache HTTP Server
> License     : ASL 2.0
> Description : The Apache HTTP Server is a powerful, efficient, and extensible
>             : web server.
> 
> 
> So the strict whitespaceing must have been backported in this latest release
> - and the version macro cannot catch this

Hey Vinzenz - yes indeed. See the last paragraph in https://bugzilla.redhat.com/show_bug.cgi?id=1442477#c5 , we're investigating the 'right way' to make this work for RHEL7.

Just published a kbase on the details of what's going on here - see https://access.redhat.com/articles/3013361 for all the fun.

Grant - is there any way for the current yum-rhn-plugin to get updated for Spacewalk Client 2.6 repo? We'd like to fix our clients now and have the httpd updated on the server in a secure fashion. 

If not, I assume we have to wait for SW 2.7?

Looks like it was indeed updated. Thanks!

(In reply to Matt Wilkinson from comment #8)
> Looks like it was indeed updated. Thanks!

Ah yes - sorry, forgot to update here when we mashed out the client update :)

As the update is already present in Spacewalk 2.6 client. I am closing this BZ.

This BZ closed some time during 2.5, 2.6 or 2.7.  Adding to 2.7 tracking bug.