Bug 789449 - SSL commonName verification does not work on multihome SAM
SSL commonName verification does not work on multihome SAM
Status: CLOSED WONTFIX
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Content Management (Show other bugs)
6.0.0
Unspecified Unspecified
unspecified Severity low (vote)
: Unspecified
: 6.0
Assigned To: Katello Bug Bin
Katello QA List
: Triaged
Depends On:
Blocks: sam20-tracker 795879
  Show dependency treegraph
 
Reported: 2012-02-10 14:23 EST by Mike Khusid
Modified: 2014-09-18 12:47 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 795879 (view as bug list)
Environment:
Last Closed: 2014-03-18 13:39:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
katello.conf (1.64 KB, text/plain)
2012-02-10 14:23 EST, Mike Khusid
no flags Details

  None (edit)
Description Mike Khusid 2012-02-10 14:23:26 EST
Created attachment 560954 [details]
katello.conf

Take a SAM instance which is connected to three networks.

on enterprise vlan0, hostname is sam-lab1.example.com
on private vlan1, hostname is sam.vlan1-lab1
on private vlan2, hostname is sam-lab1.vlan2

SSL certificate is likely to be created to hostname sam-lab1.example.com during katello-configure.

Clients on vlan1 and vlan2 need to connect to SAM using corresponding vlans. They do not have connection to vlan0.

When a customer tries to initiate a connection from a client to a server, they get a message "Peer certificate commonName does not match host". 

Attaching /etc/httpd/conf.d/katello.conf as a reference -- it's created by katello-install.
Comment 12 Bryan Kearney 2013-07-30 12:33:23 EDT
moving to sam14
Comment 13 Mike McCune 2014-03-18 13:39:16 EDT
This bug was closed because of a lack of activity.  If you feel this bug should be reconsidered for attention please feel free to re-open the bug with a comment stating why it should be reconsidered.

Note You need to log in before you can comment on or make changes to this bug.