Bug 1719175 - Proxy password with special character fails for insights with "407 Proxy Authentication Required"
Summary: Proxy password with special character fails for insights with "407 Proxy Auth...
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: RH Cloud - Insights
Version: 6.5.0
Hardware: Unspecified
OS: Unspecified
medium vote
Target Milestone: 6.7.0
Assignee: Rex White
QA Contact: Radovan Drazny
: 1751875 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2019-06-11 08:50 UTC by anerurka
Modified: 2020-04-14 13:25 UTC (History)
19 users (show)

Fixed In Version: tfm-rubygem-redhat_access-2.2.9
Doc Type: Known Issue
Doc Text:
If an HTTP proxy password contains special characters, such as "?", Insights uploads fail with the "407 Proxy Authentication Required" error. Do not use special characters in an HTTP proxy password.
Clone Of:
Last Closed: 2020-04-14 13:24:36 UTC
Target Upstream Version:

Attachments (Terms of Use)
tfm-rubygem-redhat_access-2.2.11-1.el7sat.noarch.rpm (11.56 MB, application/x-rpm)
2020-04-08 18:04 UTC, Mike McCune
no flags Details

System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 4223081 0 Configure None Red Hat Satellite 6, dashboad displays error " 407 Proxy Authentication Required" for insights widget 2019-06-15 05:13:06 UTC
Red Hat Product Errata RHSA-2020:1454 0 None None None 2020-04-14 13:24:59 UTC

Description anerurka 2019-06-11 08:50:49 UTC
Description of problem:

Proxy with a special character password "?", integrated with Satellite Server v.6.5, fails for Insights communication, fails with "407 Proxy Authentication Required"

Version-Release number of selected component (if applicable):


How reproducible:

Steps to Reproduce:

1. Configure Satellite with proxy with a password that has special character "?"
2. In UI, navigate to "Red Hat Insights -> Manage" --> Check Connection

Actual results:

Dashboard display "Unable to get risk summary: 407 Proxy Authentication Required"

Expected results:

There should not be any error related to Proxy.

Comment 8 Rex White 2019-08-22 21:18:16 UTC
Also, can we double check that the customer whitelisted "cert-api.access.redhat.com" in their proxy configuration?

Comment 15 Mike McCune 2019-09-12 20:02:00 UTC
We are spinning out a new BZ to track the specific $ issue but are going to move this back ON_QA to see if we can say this is VERIFIED for the majority of the special characters now covered by the changes in this bz.

Comment 16 Mike McCune 2019-09-12 20:02:19 UTC
Please see the follow-on bz for the $ issue:


Comment 23 Mike McCune 2019-12-17 22:21:49 UTC
*** Bug 1751875 has been marked as a duplicate of this bug. ***

Comment 26 Rex White 2020-02-25 15:45:51 UTC

The build issue was cause by a missing dependency on katello that's been added to redhat_access.gemspec in 2.2.11 so it *should* build ok now.

Comment 27 Evgeni Golov 2020-02-28 11:40:45 UTC
It built fine, so moving back to ON_DEV

Comment 29 Radovan Drazny 2020-03-11 13:55:32 UTC
Tested with Sat 6.7 Snap 15 (tfm-rubygem-redhat_access-2.2.11-1). I have created proxy users with passwords containing "?", "$", "&" chars. In all cases Satellite was able to successfully connect to the Insights API.

Comment 39 Rex White 2020-04-07 15:06:06 UTC

I am not part of the satellite organization and don't have any direct information about their schedules for releasing these updates so, unfortunately, I can't give you a better estimate for a release date.  Ashish Humbe might be able to give you more information but as he mentioned previously you can request a hotfix if the customer needs this immediately.

This update would only address the Insights functions and proxied uploads from the client, though - Satellite had already addressed this issue in their own proxy function in a previous update (Insights uses a separate proxy).  The authentication errors with cert-api.access.redhat.com you see in the logs should have no effect on the customer's ability to download updates via CDN; this would seem to be an unrelated problem.

Let me know if there's anything else I can do to help!

Rex White

Comment 43 Mike McCune 2020-04-08 18:03:03 UTC
** Satellite 6.6 Hotfix Available **

1) Download tfm-rubygem-redhat_access-2.2.11-1.el7sat.noarch.rpm from this bugzilla to your Satellite

2) install:

rpm -Uvh tfm-rubygem-redhat_access-2.2.11-1.el7sat.noarch.rpm 

3) restart services

satellite-maintain service restart

4) resume operations

Comment 44 Mike McCune 2020-04-08 18:04:10 UTC
Created attachment 1677335 [details]

Comment 47 errata-xmlrpc 2020-04-14 13:24:36 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.