Note: This bug is displayed in read-only format because
the product is no longer active in Red Hat Bugzilla.
RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Description of problem:
Using the subscription-manager cli tool, you cannot connect to the candlepin server if you are configured to connect through a proxy that requires authentication.
Version-Release number of selected component (if applicable):
[jmolet@x2112 ~]$ rpm -qa | egrep "subscription|^python-2|python-rhsm"
python-2.6.4-27.fc13.x86_64
python-rhsm-0.93.3-1.git.0.a79d99d.fc14.noarch
subscription-manager-gnome-0.93.3-1.git.0.a79d99d.fc14.x86_64
subscription-manager-0.93.3-1.git.0.a79d99d.fc14.x86_64
How reproducible:
always
Steps to Reproduce:
1. Find a machine with subscription-manager installed.
2. Configure subscription manager to connect through a proxy that requires auth.
3. try to register with subscription-manager (or do any network actions)
Actual results:
[root@x2112 rhsm]# subscription-manager register --username=testuser1 --password=password
Network error, unable to connect to server. Please see /var/log/rhsm/rhsm.log for more information.
log file /var/log/rhsm/rhsm.log:
2010-12-09 14:51:21,567 [INFO] __init__() @connection.py:274 - Using certificate authentication: key = /etc/pki/consumer/key.pem, cert = /etc/pki/consumer/cert.pem, ca = /etc/rhsm/ca/, insecure = False
2010-12-09 14:51:21,567 [INFO] __init__() @connection.py:277 - Connection Established: host: mgmt4.rhq.lab.eng.bos.redhat.com, port: 8443, handler: /candlepin
2010-12-09 14:51:21,570 [INFO] _request() @connection.py:130 - loading ca pem certificates from: /etc/rhsm/ca/
2010-12-09 14:51:21,570 [INFO] _load_ca_certificates() @connection.py:111 - loading ca certificate '/etc/rhsm/ca/candlepin-stage.pem'
2010-12-09 14:51:21,570 [INFO] _load_ca_certificates() @connection.py:111 - loading ca certificate '/etc/rhsm/ca/fakamai-cp1.pem'
2010-12-09 14:51:21,571 [INFO] _load_ca_certificates() @connection.py:111 - loading ca certificate '/etc/rhsm/ca/redhat-uep.pem'
2010-12-09 14:51:21,571 [INFO] _load_ca_certificates() @connection.py:111 - loading ca certificate '/etc/rhsm/ca/candlepin-ca.pem'
2010-12-09 14:51:21,572 [INFO] _request() @connection.py:132 - work in insecure mode ?:False
2010-12-09 14:51:21,572 [INFO] _request() @connection.py:139 - using proxy mgmt5.rhq.lab.eng.bos.redhat.com:3128
2010-12-09 14:51:21,572 [INFO] _request() @connection.py:146 - handler: https://mgmt4.rhq.lab.eng.bos.redhat.com:8443/candlepin/consumers/7a7d2eb9-334c-462e-9dba-3eb5aebc5245
2010-12-09 14:51:22,400 [INFO] _request() @connection.py:160 - status code: 204
2010-12-09 14:51:22,401 [INFO] unregister() @managerlib.py:574 - Successfully un-registered.
2010-12-09 14:51:26,977 [INFO] __init__() @connection.py:274 - Using certificate authentication: key = /etc/pki/consumer/key.pem, cert = /etc/pki/consumer/cert.pem, ca = /etc/rhsm/ca/, insecure = False
2010-12-09 14:51:26,977 [INFO] __init__() @connection.py:277 - Connection Established: host: mgmt4.rhq.lab.eng.bos.redhat.com, port: 8443, handler: /candlepin
2010-12-09 14:51:26,978 [INFO] __init__() @connection.py:263 - Using basic authentication as: testuser1
2010-12-09 14:51:26,978 [INFO] __init__() @connection.py:277 - Connection Established: host: mgmt4.rhq.lab.eng.bos.redhat.com, port: 8443, handler: /candlepin
2010-12-09 14:51:27,088 [INFO] _request() @connection.py:130 - loading ca pem certificates from: /etc/rhsm/ca/
2010-12-09 14:51:27,088 [INFO] _load_ca_certificates() @connection.py:111 - loading ca certificate '/etc/rhsm/ca/candlepin-stage.pem'
2010-12-09 14:51:27,089 [INFO] _load_ca_certificates() @connection.py:111 - loading ca certificate '/etc/rhsm/ca/fakamai-cp1.pem'
2010-12-09 14:51:27,089 [INFO] _load_ca_certificates() @connection.py:111 - loading ca certificate '/etc/rhsm/ca/redhat-uep.pem'
2010-12-09 14:51:27,090 [INFO] _load_ca_certificates() @connection.py:111 - loading ca certificate '/etc/rhsm/ca/candlepin-ca.pem'
2010-12-09 14:51:27,090 [INFO] _request() @connection.py:132 - work in insecure mode ?:False
2010-12-09 14:51:27,090 [INFO] _request() @connection.py:139 - using proxy mgmt5.rhq.lab.eng.bos.redhat.com:3128
2010-12-09 14:51:27,091 [INFO] _request() @connection.py:146 - handler: https://mgmt4.rhq.lab.eng.bos.redhat.com:8443/candlepin/consumers/
2010-12-09 14:51:27,323 [ERROR] handle_exception() @managercli.py:44 - exception caught in subscription-manager
2010-12-09 14:51:27,323 [ERROR] handle_exception() @managercli.py:45 - Proxy connection failed: 407
Traceback (most recent call last):
File "/usr/sbin/subscription-manager", line 75, in <module>
sys.exit(abs(main() or 0))
File "/usr/sbin/subscription-manager", line 66, in main
return managercli.CLI().main()
File "/usr/share/rhsm/managercli.py", line 710, in main
cmd.main()
File "/usr/share/rhsm/managercli.py", line 146, in main
self._do_command()
File "/usr/share/rhsm/managercli.py", line 326, in _do_command
facts=self.facts.get_facts())
File "/usr/share/rhsm/connection.py", line 299, in registerConsumer
return self.conn.request_post('/consumers/', params)
File "/usr/share/rhsm/connection.py", line 183, in request_post
return self._request("POST", method, params)
File "/usr/share/rhsm/connection.py", line 152, in _request
headers=self.headers)
File "/usr/lib64/python2.6/httplib.py", line 898, in request
self._send_request(method, url, body, headers)
File "/usr/lib64/python2.6/httplib.py", line 935, in _send_request
self.endheaders()
File "/usr/share/rhsm/connection.py", line 66, in endheaders
httpslib.HTTPSConnection.endheaders(self)
File "/usr/lib64/python2.6/httplib.py", line 892, in endheaders
self._send_output()
File "/usr/lib64/python2.6/httplib.py", line 764, in _send_output
self.send(msg)
File "/usr/lib64/python2.6/httplib.py", line 723, in send
self.connect()
File "/usr/lib64/python2.6/site-packages/M2Crypto/httpslib.py", line 180, in connect
raise socket.error, "Proxy connection failed: %d" % code
error: Proxy connection failed: 407
Expected results:
The client registers and successfully connects through the proxy.
Additional info:
This is starting to look like possibly a python 2.6 problem, and it doesn't look like it is actually passing the username/password for the proxy server to the proxy server. I will also note, however, that the gui tool seems to successfully register using the same proxy settings.
commit 8405d250762441819b75cc1a19b6f899d0c03012
Author: Adrian Likins <alikins>
Date: Fri Dec 10 10:57:57 2010 -0500
661876: fix a bug with cli not using config file proxy auth info
Looks like cli wasn't reading the auth info from the config on some commands
(like register).
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHEA-2011-0611.html