Description of problem: When using a wildcard certificate purchased from a CA, osad and osa-dispatcher fail to verify the certificate and instead give a "Mismatch: peer name: error Version-Release number of selected component (if applicable): spacewalk 1.3 both client and server packages The problem exists in /usr/share/rhn/osad/jabber_lib.py How reproducible: Install a wildcard certificate into spacewalk. I used the instructions here for installing the certificate: http://unfuckablelinux.com/2008/07/02/spacewalk-and-avoiding-self-signed-certificates/ Steps to Reproduce: 1. Install wildcard cert 2. Start osa-dispatcher 3. Actual results: Starting osa-dispatcher: /usr/lib/python2.6/site-packages/jabber/jabber.py:68: DeprecationWarning: the sha module is deprecated; use the hashlib module instead import sha, time RHN 10088 2011/03/12 15:01:59 -05:00: ('Traceback caught:',) RHN 10088 2011/03/12 15:01:59 -05:00: ('Traceback (most recent call last):\n File "/usr/share/rhn/osad/jabber_lib.py", line 611, in connect\n self.verify_peer(ssl)\n File "/usr/share/rhn/osad/jabber_lib.py", line 692, in verify_peer\n (self._host, common_name))\nSSLVerifyError: Mismatch: peer name: spacesl6.oreillyschool.com; common name: *.oreillyschool.com.\n',) Expected results: osa-dispatcher should start without errors Additional info: The check in jabber_lib.py should be fixed to match the commom name against wildcards.
Work around: I commend out line 690 to line 692 to disable the common_name verification. And then osa-dispatcher starts without errors.
Aligning under space16.
Fixed in Spacewalk master, 3801ed7115cc0a5c8573d643173389b4790bb419.
Spacewalk 1.6 has been released.