Hide Forgot
Description of problem: We got the access to stage environment (https://access.stage.redhat.com/management/) to generate the content certs. I generated the certs using subscription manager. [root@dhcp201-141 ~]# cd /etc/pki/entitlement/ [root@dhcp201-141 entitlement]# ls 7177615796826081838.pem key.pem stage_content.pem [root@dhcp201-141 entitlement]# Here I combined both key and certs in one file named as "stage_content.pem". When I tried to upload in rhui-manager, i got following: ------------------------------------------------------------------------------ rhui (entitlements) => u Full path to the new content certificate: /etc/pki/entitlement/stage_content.pem The RHUI will be updated with the following certificate: /etc/pki/entitlement/stage_content.pem Proceed? (y/n) y The given certificate contains one or more entitlements that are not compatible with the RHUI. For questions, please visit: https://access.redhat.com/support/contact/customerService.html ------------------------------------------------------------------------------ rhui (entitlements) => Version-Release number of selected component (if applicable): rhui-tools 2.0.37 How reproducible: always Steps to Reproduce: Actual results: The given certificate contains one or more entitlements that are not compatible with the RHUI Expected results: Generated content certs from stage should be uploaded in rhui successfully. Additional info: I opened this bug, just to ensure that we can upload the content certs in rhui, generated through stage env.
http://qe-india.pad.engineering.redhat.com/37?
Generated new certs and tried to upload them using rhui-manager. Certs generated under /etc/pki/entitlement directory. [root@dhcp201-141 redhat]# cd /etc/pki/entitlement/ [root@dhcp201-141 entitlement]# ll total 44 -rw-r--r--. 1 root root 17422 Jul 14 06:26 5235838272810302347.pem -rw-r--r--. 1 root root 1675 Jul 14 06:26 key.pem -rw-r--r--. 1 root root 19097 Jul 14 16:20 stage_content.pem First I uploaded the 5235838272810302347.pem file using rhui-manager. All certs uploaded successfuly. See the listing below: rhui (entitlements) => u Full path to the new content certificate: /etc/pki/entitlement/5235838272810302347.pem The RHUI will be updated with the following certificate: /etc/pki/entitlement/5235838272810302347.pem Proceed? (y/n) y Updating repository Red Hat Update Infrastructure 1.1 (RPMs) (5Server-i386) with certificate new_content.pem... ... successfully updated Updating repository Red Hat Update Infrastructure 1.1 (RPMs) (5Server-x86_64) with certificate new_content.pem... ... successfully updated Updating repository Red Hat Update Infrastructure 1.2 (RPMs) (5Server-i386) with certificate new_content.pem... ... successfully updated Updating repository Red Hat Update Infrastructure 1.2 (RPMs) (5Server-x86_64) with certificate new_content.pem... ... successfully updated Updating repository Red Hat Enterprise Linux Server 6 Optional Updates (RPMs) (6Server-x86_64) with certificate new_content.pem... ... successfully updated Updating repository Red Hat Enterprise Linux Server 6 Updates (RPMs) (6Server-x86_64) with certificate new_content.pem... ... successfully updated Red Hat Entitlements Valid Red Hat Enterprise Linux 5 Server Beta from RHUI (Debug RPMs) Expiration: 07-11-2012 Certificate: 5235838272810302347.pem Red Hat Enterprise Linux 5 Server Beta from RHUI (RPMs) Expiration: 07-11-2012 Certificate: 5235838272810302347.pem Red Hat Enterprise Linux 5 Server Beta from RHUI (Source RPMs) Expiration: 07-11-2012 Certificate: 5235838272810302347.pem Red Hat Enterprise Linux 5 Server from RHUI (Debug RPMs) Expiration: 07-11-2012 Certificate: 5235838272810302347.pem : ::: Red Hat Update Infrastructure 1.2 (Debug RPMs) Expiration: 07-11-2012 Certificate: 5235838272810302347.pem Red Hat Update Infrastructure 1.2 (ISOs) Expiration: 07-11-2012 Certificate: 5235838272810302347.pem Red Hat Update Infrastructure 1.2 (RPMs) Expiration: 07-11-2012 Certificate: 5235838272810302347.pem Red Hat Update Infrastructure 1.2 (RPMs) Expiration: 03-21-2012 Certificate: new_content.pem Red Hat Update Infrastructure 1.2 (Source RPMs) Expiration: 07-11-2012 Certificate: 5235838272810302347.pem Red Hat Update Infrastructure i386 Beta Optional (RPMs) Expiration: 03-21-2012 Certificate: new_content.pem Red Hat Update Infrastructure x86_64 Beta Optional (RPMs) Expiration: 03-21-2012 Certificate: new_content.pem Expiration: 03-21-2012 Certificate: new_content.pem ------------------------------------------------------------------------------ rhui (entitlements) => exit
However after uploading the content certs ( generated through stage env), I got following in rhui.log Successfully connected to [dhcp201-141.englab.pnq.redhat.com] Unexpected OID encountered [1.3.6.1.4.1.2312.9.1.148.1] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.11] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.10] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.13] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.15] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.14] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.5] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.7] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.6] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.1] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.3] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.2] Unexpected OID encountered [1.3.6.1.4.1.2312.9.5.1] Unexpected OID encountered [1.3.6.1.4.1.2312.9.1.147.1] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.12] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.16] Unexpected OID encountered [1.3.6.1.4.1.2312.9.1.148.1] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.11] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.10] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.13] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.15] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.14] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.5] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.7] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.6] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.1] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.3] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.2] Unexpected OID encountered [1.3.6.1.4.1.2312.9.5.1] Unexpected OID encountered [1.3.6.1.4.1.2312.9.1.147.1] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.12] Unexpected OID encountered [1.3.6.1.4.1.2312.9.4.16]
When I tried to add a new repo using rhui-manager, I got following traceback in rhui.log: ------------------------------------------------------------------------------ rhui (repo) => a Loading latest entitled products from Red Hat... An unexpected error has occurred during the last operation. More information can be found in /root/.rhui/rhui.log. ------------------------------------------------------------------------------ rhui.log: ========= Unexpected error caught at the shell level Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/rhui/tools/shell.py", line 85, in safe_listen self.listen(clear=first_run) File "/usr/lib/python2.6/site-packages/rhui/tools/shell.py", line 111, in listen Shell.listen(self) File "/usr/lib/python2.6/site-packages/rhui/common/shell.py", line 191, in listen item.func(*args, **item.kwargs) File "/usr/lib/python2.6/site-packages/rhui/tools/screens/repo.py", line 122, in add self.candidate_repo_manager.translate_entitlements() File "/usr/lib/python2.6/site-packages/rhui/tools/repo_candidates.py", line 62, in translate_entitlements mappings = self.cdn_api.expand_variables(e.download_url, cert.cert_filename) File "/usr/lib/python2.6/site-packages/rhui/tools/cdn_api.py", line 70, in expand_variables mappings = self._translate_next_variable({'' : url}, cert_filename) File "/usr/lib/python2.6/site-packages/rhui/tools/cdn_api.py", line 104, in _translate_next_variable substitutions = self._request_get(listing_url, cert_filename).split('\n')[:-1] File "/usr/lib/python2.6/site-packages/rhui/tools/cdn_api.py", line 150, in _request_get server = self._server(cert_filename) File "/usr/lib/python2.6/site-packages/rhui/tools/cdn_api.py", line 176, in _server context.load_cert(cert_filename) File "/usr/lib64/python2.6/site-packages/M2Crypto/SSL/Context.py", line 79, in load_cert m2.ssl_ctx_use_privkey(self.ctx, keyfile) SSLError: no start line
Then I combined both files (cert and key file) in stage_content.pem as per following cmd and upload it using rhui-manager. #cat 5235838272810302347.pem key.pem > stage_content.pem I got same error in rhui.log saying "Unexpected OID encountered". However, when I tried to add a new repo, I got following traceback in pulp.log: Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/rhui/tools/shell.py", line 85, in safe_listen self.listen(clear=first_run) File "/usr/lib/python2.6/site-packages/rhui/tools/shell.py", line 111, in listen Shell.listen(self) File "/usr/lib/python2.6/site-packages/rhui/common/shell.py", line 191, in listen item.func(*args, **item.kwargs) File "/usr/lib/python2.6/site-packages/rhui/tools/screens/repo.py", line 122, in add self.candidate_repo_manager.translate_entitlements() File "/usr/lib/python2.6/site-packages/rhui/tools/repo_candidates.py", line 62, in translate_entitlements mappings = self.cdn_api.expand_variables(e.download_url, cert.cert_filename) File "/usr/lib/python2.6/site-packages/rhui/tools/cdn_api.py", line 70, in expand_variables mappings = self._translate_next_variable({'' : url}, cert_filename) File "/usr/lib/python2.6/site-packages/rhui/tools/cdn_api.py", line 104, in _translate_next_variable substitutions = self._request_get(listing_url, cert_filename).split('\n')[:-1] File "/usr/lib/python2.6/site-packages/rhui/tools/cdn_api.py", line 155, in _request_get raise Exception(response.status, response.read()) Exception: (404, 'File not found.')
jdob, I know you guys looked at this bug in the morning, can you please summarize where we are w/ this bug.
The "Unexpected OID" thing isn't an error. It's meant as a warning that the certificate is containing data we're not expecting, but we're just going to ignore it. The 404 comes from the fact that there's an entitlement for: /content/dist/rhel/rhui/server/6/$releasever/$basearch/source/SRPMS When we encounter $releasever, we try to look up a listing file in CDN that indicates what to substitute in: https://cdn.redhat.com/content/dist/rhel/rhui/server/6/listing If you look in: https://cdn.redhat.com/content/dist/rhel/rhui/server There's not even a directory named 6. So either: 1. CDN is missing directories. 2. RHSM web is returning faulty entitlements that indicate content URLs that don't exist.
<dgregor> jdob, I'll fix <jdob> ok, where is the issue, is CDN missing stuff or is RHSM web returning faulty entitlements? <dgregor> CDN missing stuff
All of the content should be in CDN now.
I generated new content certs from stage and combined both the cert and key file in the stage_content.pem as below: root@dhcp201-133 entitlement]# ls 3699916758563663621.pem key.pem [root@dhcp201-133 entitlement]# cat 3699916758563663621.pem key.pem > stage_content.pem [root@dhcp201-133 entitlement]# rhui-manager Uploaded the stage_content.pem file using rhui-manager: ------------------------------------------------------------------------------ rhui (entitlements) => u Full path to the new content certificate: /root/entitlement/stage_content.pem The RHUI will be updated with the following certificate: /root/entitlement/stage_content.pem Proceed? (y/n) y Red Hat Entitlements Valid Red Hat Enterprise Linux 5 Server Beta from RHUI (Debug RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 5 Server Beta from RHUI (RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 5 Server Beta from RHUI (Source RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 5 Server from RHUI (Debug RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 5 Server from RHUI (RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 5 Server from RHUI (Source RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server - Optional Beta from RHUI (RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server - Optional Beta from RHUI (Source RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server - Optional Beta from RHUI(Debug RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server - Optional from RHUI (Debug RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server - Optional from RHUI (RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server - Optional from RHUI (Source RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server Beta from RHUI (Debug RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server Beta from RHUI (RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server Beta from RHUI (Source RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server from RHUI (Debug RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server from RHUI (RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Enterprise Linux 6 Server from RHUI (Source RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Update Infrastructure 1.2 (Debug RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Update Infrastructure 1.2 (ISOs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Update Infrastructure 1.2 (RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem Red Hat Update Infrastructure 1.2 (Source RPMs) Expiration: 07-11-2012 Certificate: stage_content.pem ------------------------------------------------------------------------------ rhui (entitlements) => ^ This time I didn't get any "oid" related error in rhui.log. I added a new repo with stage entitlements, following is the repo. Red Hat Enterprise Linux 6 Server - Optional from RHUI (Source RPMs) Repo was added successfuly without any error in pulp.log
I started the sync for newly addded repo. And later uploaded old content certs ( rhui-amazon). This time again I added following two repos using old content certs. - Red Hat Update Infrastructure 1.2 (RPMs) (5Server-i386) - Red Hat Update Infrastructure 1.2 (RPMs) (5Server-x86_64) Now I can sync the repos added from old content certs as well as from newly generated stage contents. ------------------------------------------------------------------------------ -= Red Hat Update Infrastructure Management Tool =- -= Repository Synchronization Status =- Last Refreshed: 16:30:15 (updated every 5 seconds, ctrl+c to exit) Next Sync Last Sync Last Result ------------------------------------------------------------------------------ Red Hat Enterprise Linux 6 Server - Optional from RHUI (Source RPMs) (6Server-x86_64) In Progress Never Never Red Hat Update Infrastructure 1.2 (RPMs) (5Server-i386) 07-18-2011 21:53 07-18-2011 15:55 Success Red Hat Update Infrastructure 1.2 (RPMs) (5Server-x86_64) 07-18-2011 21:53 07-18-2011 15:55 Success Connected: dhcp201-175.englab.pnq.redhat.com ------------------------------------------------------------------------------ ^Crhui (sync) =>
moving to release pending
closing out, product released