During 6.3 upgrade, hammer certificate is not updated, the configuration file is saved as "rpmnew". I think better fit would be to replace config and do "rpmsave" of the old one, since hammer is mostly used on Satellite Server itself. [root@zzzap ~]# rpm -qc tfm-rubygem-hammer_cli_foreman /etc/hammer/cli.modules.d/foreman.yml [root@zzzap ~]# cat /etc/hammer/cli.modules.d/foreman.yml :foreman: # Enable/disable foreman commands :enable_module: true # Your foreman server address :host: 'https://zzzap.lab.eng.brq.redhat.com' :ssl: :ssl_ca_file: '/etc/pki/katello/certs/katello-default-ca.crt' If you agree, please triage and move this into 6.3 GA under hammer component. If you don't agree, please make this a DOCO BZ - we need to tell the user to modify this file - to copy rpmnew over to the existing config. SYMPTOMS: Hammer is unable to do any action on satellite due to bad cert as we renamed the cert in 6.3: ------- :ssl: - :ssl_ca_file: '/etc/pki/katello/certs/katello-default-ca.crt' + :ssl_ca_file: '/etc/pki/katello/certs/katello-server-ca.crt' --------
Thanks for creating the bugzilla. Could this be a duplicate of bug 1501980? Comment 4 mentions the same workaround for altering ssl_ca_file.
Indeed a dupe of bug 1501980, can you please give it blocker there? It was asked already, I think it's major upgrade issue for those with custom certs. *** This bug has been marked as a duplicate of bug 1501980 ***