Bug 732781 - ipa entitle-register : returns internal server error
Summary: ipa entitle-register : returns internal server error
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: subscription-manager
Version: 5.7
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: beta
: 5.8
Assignee: Bryan Kearney
QA Contact: John Sefler
URL:
Whiteboard:
Depends On: 732519
Blocks: 715031
TreeView+ depends on / blocked
 
Reported: 2011-08-23 15:12 UTC by Jenny Severance
Modified: 2011-10-20 16:25 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of: 732519
Environment:
Last Closed: 2011-10-20 16:25:48 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Jenny Severance 2011-08-23 15:12:29 UTC 
+++ This bug was initially created as a clone of Bug #732519 +++

Description of problem:

# ipa entitle-register
Username: myid
Password: 
Enter Password again to verify: 
ipa: ERROR: cannot connect to u'https://hp-dl140g2-01.rhts.eng.rdu.redhat.com/ipa/xml': Internal Server Error


/etc/httpd/errors_log :

[Mon Aug 22 15:06:22 2011] [error] ipa: INFO: Using basic authentication as: myid
[Mon Aug 22 15:06:22 2011] [error] ipa: WARNING: Error fetching supported resources, this UEPConnection is likely not usable:
[Mon Aug 22 15:06:22 2011] [error] ipa: ERROR: 
[Mon Aug 22 15:06:22 2011] [error] Traceback (most recent call last):
[Mon Aug 22 15:06:22 2011] [error]   File "/usr/lib/python2.6/site-packages/rhsm/connection.py", line 374, in _load_supported_resources
[Mon Aug 22 15:06:22 2011] [error]     resources_list = self.conn.request_get("/")
[Mon Aug 22 15:06:22 2011] [error]   File "/usr/lib/python2.6/site-packages/rhsm/connection.py", line 250, in request_get
[Mon Aug 22 15:06:22 2011] [error]     return self._request("GET", method)
[Mon Aug 22 15:06:22 2011] [error]   File "/usr/lib/python2.6/site-packages/rhsm/connection.py", line 189, in _request
[Mon Aug 22 15:06:22 2011] [error]     self._load_ca_certificates(context)
[Mon Aug 22 15:06:22 2011] [error]   File "/usr/lib/python2.6/site-packages/rhsm/connection.py", line 175, in _load_ca_certificates
[Mon Aug 22 15:06:22 2011] [error]     raise BadCertificateException(cert_path)
[Mon Aug 22 15:06:22 2011] [error] BadCertificateException
[Mon Aug 22 15:06:22 2011] [error] ipa: INFO: Connection Established: host: localhost, port: 8443, handler: /candlepin
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145] mod_wsgi (pid=8677): Exception occurred processing WSGI script '/usr/share/ipa/wsgi.py'.
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145] Traceback (most recent call last):
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/share/ipa/wsgi.py", line 48, in application
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     return api.Backend.session(environ, start_response)
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/ipaserver/rpcserver.py", line 142, in __call__
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     return self.route(environ, start_response)
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/ipaserver/rpcserver.py", line 154, in route
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     return app(environ, start_response)
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/ipaserver/rpcserver.py", line 249, in __call__
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     response = self.wsgi_execute(environ)
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/ipaserver/rpcserver.py", line 220, in wsgi_execute
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     result = self.Command[name](*args, **options)
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 425, in __call__
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     ret = self.run(*args, **options)
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/ipalib/frontend.py", line 731, in run
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     return self.execute(*args, **options)
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/ipalib/plugins/baseldap.py", line 668, in execute
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     ldap, dn, entry_attrs, attrs_list, *keys, **options
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/ipalib/plugins/entitle.py", line 529, in pre_callback
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     result = admin_cp.registerConsumer(name=api.env.realm, type="domain")
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/rhsm/connection.py", line 420, in registerConsumer
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     return self.conn.request_post(url, params)
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/rhsm/connection.py", line 253, in request_post
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     return self._request("POST", method, params)
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/rhsm/connection.py", line 189, in _request
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     self._load_ca_certificates(context)
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]   File "/usr/lib/python2.6/site-packages/rhsm/connection.py", line 175, in _load_ca_certificates
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145]     raise BadCertificateException(cert_path)
[Mon Aug 22 15:06:22 2011] [error] [client 10.10.9.145] BadCertificateException


Version-Release number of selected component (if applicable):

# rpm -qi ipa-server
Name        : ipa-server                   Relocations: (not relocatable)
Version     : 2.1.0                             Vendor: Red Hat, Inc.
Release     : 1.el6                         Build Date: Mon 15 Aug 2011 06:26:27 PM EDT
Install Date: Mon 22 Aug 2011 02:25:15 PM EDT      Build Host: x86-005.build.bos.redhat.com
Group       : System Environment/Base       Source RPM: ipa-2.1.0-1.el6.src.rpm
Size        : 3296786                          License: GPLv3+
Signature   : (none)
Packager    : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
URL         : http://www.freeipa.org/
Summary     : The IPA authentication server
Description :
IPA is an integrated solution to provide centrally managed Identity (machine,
user, virtual machines, groups, authentication credentials), Policy
(configuration settings, access control information) and Audit (events,
logs, analysis thereof). If you are installing an IPA server you need
to install this package (in other words, most people should NOT install
this package).

# cat /etc/redhat-release 
Red Hat Enterprise Linux Server release 6.2 Beta (Santiago)

How reproducible:


Steps to Reproduce:
1. install ipa server
2. ipa entitle-register (make sure /etc/rhsm/rhsm.conf points to valid candlepin server
3.
  
Actual results:
ipa: ERROR: cannot connect to u'https://hp-dl140g2-01.rhts.eng.rdu.redhat.com/ipa/xml': Internal Server Error

Expected results:
successful registration

Additional info:

nothing to note from rhsm.log

--- Additional comment from dpal on 2011-08-22 16:12:37 EDT ---

Upstream ticket:
https://fedorahosted.org/freeipa/ticket/1694

--- Additional comment from jgalipea on 2011-08-23 11:11:26 EDT ---

cloning bug for candlepin ... as development believes the problem is on their side.
Comment 2 Bryan Kearney 2011-08-23 15:53:44 UTC 
any other info? The url does not look like a candlepin url.
Comment 3 Rob Crittenden 2011-08-23 17:06:06 UTC 
The IPA server performs the candlepin request on behalf of the user. The error is in loading the CA certificates. It isn't clear what the error is though.

Jenny, can you attach your rhsm.conf?

Bryan, we currently do calls like this:

admin_cp = UEPConnection(handler='/candlepin', username=keys[-1], password=options.get('password'))
result = admin_cp.registerConsumer(name=api.env.realm, type="domain")
Note You need to log in before you can comment on or make changes to this bug.