When RHUI Manager is run from a clean install, it first prompts the user for some information: - Red Hat Content Certificate - RHUA Server Login The content certificate is described elsewhere in the guide (short answer: it's given to them by Red Hat and entitles them to one or more repos in CDN). When uploaded to RHUI Manager, it's saved to /etc/pki/rhui. When installing a content certificate, either the first time or uploading a new one, the user needs write permissions to /etc/pki/rhui (screen capture below of what happens if they don't). Otherwise, these write permissions are *not* needed (which is the normal case; uploading a new content cert will be pretty rare). (That above comment about permissions might belong more in a prerequisite-like section since it transcends just first launch, your call.) The RHUA server login is used in the initial connection to the RHUA. After the first login, a certificate is stored at ~/.rhui that identifies the user with the RHUA for all future calls. In other words, after this first launch is filled out, future launches will drop the user directly in the home screen. The default login is admin with a password admin. You'll see in the screen capture below that we recommend the user change the password. That's done through the user screen in RHUI Manager (there will be a separate bug filed and that screen will have its own chapter). Below is a capture of what the UI looks like when being prompted for this information (no dashes, I'm just using them to differentiate the capture): ----- The Red Hat content certificate is required to use RHUI Tools but was not found. Full path to the new content certificate: /root/redhat-certs/content-cert.crt Full path to the new content certificate private key: /root/redhat-certs/content-key.pem Updating RHUI Tools... ... certificate successfully updated Previous authentication credentials could not be found. Logging into the RHUI. If this is the first time using the RHUI, it is recommended to change the user's password in the User Management section of RHUI Tools. RHUI Username: admin RHUI Password: ----- After the password is entered (assuming it's valid), the screen is cleared and the home screen is displayed. If the user does not have write permissions to /etc/pki/rhui, they are shown the following and rhui-tools exits. ----- The Red Hat content certificate is required to use RHUI Tools but was not found. The current user does not have write privileges to update the content cert at /etc/pki/rhui/content-cert.crt. -----
To be added to Part II: Configuration/Using the RHUI Manager LKB
There is some more configuration done during the first launch now. Four things happen. All four must occur before RHUI Manager will start. - If the user has not installed the Red Hat content certificate (and its private key) they are prompted for it. - If the user has not installed the entitlement signing CA certificate (and its private key) they are prompted for it. - An identity certificate is generated, using the entitlement signing CA certificate. If the CA private key requires a password, the user is prompted for it. - The user is prompted to log into the RHUA (same default username/password as above). Red Hat Content Certificate: Described above in the original summary. Entitlement Signing CA Certificate: Part of RHUI Manager is the ability to create client entitlement certificates. These certificates must be signed as part of their creation. This step is uploading the CA certificate and private key that will be used to sign and later verify those certificates. This may be purchased from a trusted CA (VeriSign, etc.) or a self-signed CA. (This existed back in RHUI 1.2, so you can check there for more notes on what this is). Identity Certificate: The identity certificate is used by the CDS to identify itself with the RHUA when synchronizing repositories. It is signed using the same CA as the entitlement certificates. RHUI Manager takes care of distributing this to CDS instances when repositories are deployed to them. Login: Described above. Sample (I'll let you clean up the /home/jdob portions of the sample paths into something less... well, less jdob-y): The Red Hat content certificate is required to use RHUI Tools but was not found. Full path to the new content certificate: /home/jdob/vault/code/rhui-certs/content-cert.crt Full path to the new content certificate private key: /home/jdob/vault/code/rhui-certs/content-key.pem Updating RHUI Tools... ... certificate successfully updated An entitlement signing CA certificate is required to use RHUI Tools but was not found. Full path to the new signing CA certificate: /home/jdob/vault/code/data/entitlement-certs/ca1.crt Full path to the new signing CA certificate private key: /home/jdob/vault/code/data/entitlement-certs/ca1.key A RHUI identity certificate is required to use RHUI Tools but was not found. A new identity certificate will be generated now using the CA certificate found at /etc/pki/rhui/entitlement-ca.crt. ........+++ ...............+++ Enter pass phrase for /etc/pki/rhui/entitlement-ca-key.pem:
Revision 1-2 LKB
I think its good to add a complete screen shot as below instead of just Username: admin Password: admin under the section 4.1 RHUI Manager First Launch ----------------------------------------------------------------------- --> rhui-manager Previous authentication credentials could not be found. Logging into the RHUI. If this is the first time using the RHUI, it is recommended to change the user's password in the User Management section of RHUI Tools. RHUI Username: admin RHUI Password: ------------------------------------------------------------------------ After the correct password is entered, the screen is cleared and the home screen is displayed. Also please add following as mentioned in comment 0 When installing a content certificate, either the first time or uploading a new one, the user needs write permissions to /etc/pki/rhui. If the user does not have write permissions to /etc/pki/rhui, they are shown the following and rhui-manager exits. ------------ The Red Hat content certificate is required to use RHUI Tools but was not found. The current user does not have write privileges to update the content certificate at /etc/pki/rhui/content-cert.crt. ------------
(In reply to comment #4) > I think its good to add a complete screen shot as below instead of just > > Username: admin > Password: admin > > under the section 4.1 RHUI Manager First Launch > ----------------------------------------------------------------------- > --> rhui-manager > Previous authentication credentials could not be found. Logging into > the RHUI. > > If this is the first time using the RHUI, it is recommended to change > the user's password in the User Management section of RHUI Tools. > > RHUI Username: admin > RHUI Password: > > ------------------------------------------------------------------------ > > After the correct password is entered, the screen is cleared and > the home screen is displayed. <screen> --> rhui-manager Previous authentication credentials could not be found. Logging into the RHUI. If this is the first time using the RHUI, it is recommended to change the user's password in the User Management section of RHUI Tools. RHUI Username: admin RHUI Password: </screen> <para> The Home screen will be displayed after the password has been entered. </para> > > > Also please add following as mentioned in comment 0 > When installing a content certificate, either the first time or uploading a > new one, the user needs write permissions to /etc/pki/rhui. If the user does > not have write permissions to /etc/pki/rhui, they are shown the following and > rhui-manager exits. > > ------------ > > The Red Hat content certificate is required to use RHUI Tools but was not > found. > > The current user does not have write privileges to update the content > certificate at /etc/pki/rhui/content-cert.crt. > > ------------ <para> Content certificates are installed to <filename>/etc/pki/rhui</filename>. This means that you will require write permission to <filename>/etc/pki/rhui</filename> to be able to install a new content certificate. If you do not have the appropriate permissions, RHUI Manager will display the following text, and exit: </para> <screen> The Red Hat content certificate is required to use RHUI Tools but was not found. The current user does not have write privileges to update the content certificate at /etc/pki/rhui/content-cert.crt. </screen> Revision 1-10 LKB
Thanks ! Verified in Install guide at: http://documentation-stage.bne.redhat.com/docs/en-US/Red_Hat_Update_Infrastructure/2.0/pdf/Installation_Guide/Red_Hat_Update_Infrastructure-2.0-Installation_Guide-en-US.pdf Screen mentioned in comment 5 are attached in section "4.1 RHUI Manager First Launch" (Page 17).
This book is now available at http://docs.redhat.com/docs/en-US/Red_Hat_Update_Infrastructure/2.0/html/Installation_Guide/index.html Please raise a new bug for any further changes. LKB