Description of problem: template export and the ueber certificate that generates for the according organization, does not unlock access to the pulp repo actually. Apache still complains: --- "Forbidden: You don't have permission to access /pulp/repos/ACME_Corporation/Dev/fedora15/f15-x86_64 on this server." Version-Release number of selected component (if applicable): recent katello: katello-0.1.103-1.git.1.eaaf33d.el6.x86_64 How reproducible: always Steps to Reproduce: 1. create provider: fedora 2. create product fedora15 3. create repo f15-x86_64 4. sync the repo 5. create a template, add that product 6. generate ueber cert (through cli: `org generate_uebercert --name ACME_Corporation`) 7. do the template export (again from cli: template export) 8. browse the file content: xmllint --format --recover <filename>.xml 9. copy the block with (clientcert) to: client.crt 10. copy the block with (clientkey) to: client.key 11. do create Firefox format pkcs12 cert: `openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in client.crt -inkey client.key -out <certname>.pfx -name "<any_name>"` 12. import to firefox the *.pfx certificate 13. try to access in the Firefox url under (repository->url) like: https://<fqdn>/pulp/repos/ACME_Corporation/Dev/fedora15/f15-x86_64 Actual results: Error - forbidden Expected results: content should be unlocked/displayed Additional info: We really need the TDL export scenario to be functional with E2E scenario.
My fault actually - I was mixing the certificates (using another pulp certificate with different info there). Keeping the certificates stuff untouched the scenario above works fine. ONE NOTE ONLY: trying to access to directories would fail, use the files to list/access instead, like: "/pulp/repos/ACME_Corporation/Dev/fedora15/f15-x86_64/repodata/repomd.xml"