Bug 789449 - SSL commonName verification does not work on multihome SAM
Summary: SSL commonName verification does not work on multihome SAM
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Content Management
Version: 6.0.0
Hardware: Unspecified
OS: Unspecified
unspecified
low vote
Target Milestone: Unspecified
Assignee: Katello Bug Bin
QA Contact: Katello QA List
URL:
Whiteboard:
Depends On:
Blocks: 795879 sam20-tracker
TreeView+ depends on / blocked
 
Reported: 2012-02-10 19:23 UTC by Mike Khusid
Modified: 2018-08-30 21:57 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 795879 (view as bug list)
Environment:
Last Closed: 2014-03-18 17:39:16 UTC
Target Upstream Version:

Attachments (Terms of Use)
katello.conf (1.64 KB, text/plain)
2012-02-10 19:23 UTC, Mike Khusid 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 332011 1 None None None 2021-01-20 06:05:38 UTC

Description Mike Khusid 2012-02-10 19:23:26 UTC 
Created attachment 560954 [details]
katello.conf

Take a SAM instance which is connected to three networks.

on enterprise vlan0, hostname is sam-lab1.example.com
on private vlan1, hostname is sam.vlan1-lab1
on private vlan2, hostname is sam-lab1.vlan2

SSL certificate is likely to be created to hostname sam-lab1.example.com during katello-configure.

Clients on vlan1 and vlan2 need to connect to SAM using corresponding vlans. They do not have connection to vlan0.

When a customer tries to initiate a connection from a client to a server, they get a message "Peer certificate commonName does not match host". 

Attaching /etc/httpd/conf.d/katello.conf as a reference -- it's created by katello-install.
Comment 12 Bryan Kearney 2013-07-30 16:33:23 UTC 
moving to sam14
Comment 13 Mike McCune 2014-03-18 17:39:16 UTC 
This bug was closed because of a lack of activity.  If you feel this bug should be reconsidered for attention please feel free to re-open the bug with a comment stating why it should be reconsidered.
Note You need to log in before you can comment on or make changes to this bug.