63788 – Need SSL procedure for Satellite install

Bug 63788 - Need SSL procedure for Satellite install

Summary: Need SSL procedure for Satellite install

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Satellite 5
Classification:	Red Hat
Component:	Server
Sub Component:
Version:	unspecified
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	high
Target Milestone:	---
Assignee:	Mihai Ibanescu
QA Contact:	Fanny Augustin
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2002-04-18 18:57 UTC by Matt Jamison
Modified:	2007-07-31 19:13 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2002-06-10 15:08:58 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Josef Komenda 2002-04-18 18:57:05 UTC

Description of Problem: Currently, only able to register a client system using
http://. Need instructions and RPM's for installing server key and exporting
certificates to client systems. 


Version-Release number of selected component (if applicable): see bug 63780

Comment 1 Chip Turner 2002-04-23 15:39:22 UTC

shouldn't this be assigned to misa?

Comment 2 Mihai Ibanescu 2002-05-08 17:46:23 UTC

It's a matter of repackaging the two scripts we ship with the proxy code, within
the satellite (rhn/backend/proxy/certs)

Comment 3 Josef Komenda 2002-05-20 19:37:11 UTC

SSL rpm rhns-certs-1.2.2-21 installed, but sign.sh fails to create RPMs for
client install. Output: 

[root@satellite root]# sh /var/www/rhns/sign.sh
Using configuration from openssl.cnf
Enter PEM pass phrase:
Check that the request matches the signature
Signature ok
The Subjects Distinguished Name is as follows
countryName           :PRINTABLE:'us'
stateOrProvinceName   :PRINTABLE:'nc'
localityName          :PRINTABLE:'raleigh'
organizationName      :PRINTABLE:'red hat'
organizationalUnitName:PRINTABLE:'rhn'
commonName            :PRINTABLE:'jkomenda'
emailAddress          :IA5STRING:'jkomenda'
Certificate is to be certified until May 20 19:23:38 2003 GMT (365 days)

Write out database with 1 new entries
Data Base Updated
Building rhns-proxy-ssl-cert-1.0-1.noarch.rpm
install: creating directory `/tmp/rhns-proxy-ssl-cert-1.0-build'
install: creating directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0'
server.crt ->
/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd/conf/ssl.crt/server.crt
mkdir: created directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc'
mkdir: created directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd'
mkdir: created directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd/conf'
mkdir: created directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd/conf/ssl.crt'
server.key ->
/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd/conf/ssl.key/server.key
mkdir: created directory
`/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0//etc/httpd/conf/ssl.key'
/tmp/rhns-proxy-ssl-cert-1.0-build/rhns-proxy-ssl-cert-1.0.tar.gz: No such file
or directory

Comment 4 Josef Komenda 2002-05-20 19:39:12 UTC

If this is going to be the SSL package for Porxy and Satellite, the directories
it builds out should probably be more generic too.

Comment 5 Mihai Ibanescu 2002-06-10 15:08:52 UTC

rhns-certs-tools is now more generic.

Comment 6 Josef Komenda 2002-06-12 16:05:07 UTC

Proxy SSL procedure now works on Satellite. Client and browser can connect
securely. Closing.

Note You need to log in before you can comment on or make changes to this bug.