Description of problem:
Proxy with a special character password "?", integrated with Satellite Server v.6.5, fails for Insights communication, fails with "407 Proxy Authentication Required"
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Configure Satellite with proxy with a password that has special character "?"
2. In UI, navigate to "Red Hat Insights -> Manage" --> Check Connection
Dashboard display "Unable to get risk summary: 407 Proxy Authentication Required"
There should not be any error related to Proxy.
Also, can we double check that the customer whitelisted "cert-api.access.redhat.com" in their proxy configuration?
We are spinning out a new BZ to track the specific $ issue but are going to move this back ON_QA to see if we can say this is VERIFIED for the majority of the special characters now covered by the changes in this bz.
Please see the follow-on bz for the $ issue:
*** Bug 1751875 has been marked as a duplicate of this bug. ***
The build issue was cause by a missing dependency on katello that's been added to redhat_access.gemspec in 2.2.11 so it *should* build ok now.
It built fine, so moving back to ON_DEV
Tested with Sat 6.7 Snap 15 (tfm-rubygem-redhat_access-2.2.11-1). I have created proxy users with passwords containing "?", "$", "&" chars. In all cases Satellite was able to successfully connect to the Insights API.
I am not part of the satellite organization and don't have any direct information about their schedules for releasing these updates so, unfortunately, I can't give you a better estimate for a release date. Ashish Humbe might be able to give you more information but as he mentioned previously you can request a hotfix if the customer needs this immediately.
This update would only address the Insights functions and proxied uploads from the client, though - Satellite had already addressed this issue in their own proxy function in a previous update (Insights uses a separate proxy). The authentication errors with cert-api.access.redhat.com you see in the logs should have no effect on the customer's ability to download updates via CDN; this would seem to be an unrelated problem.
Let me know if there's anything else I can do to help!
** Satellite 6.6 Hotfix Available **
1) Download tfm-rubygem-redhat_access-2.2.11-1.el7sat.noarch.rpm from this bugzilla to your Satellite
rpm -Uvh tfm-rubygem-redhat_access-2.2.11-1.el7sat.noarch.rpm
3) restart services
satellite-maintain service restart
4) resume operations
Created attachment 1677335 [details]
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.