Red Hat Bugzilla – Bug 812003
Monitoring Scout will not start: Certificate verify failed.
Last modified: 2017-09-28 13:57:09 EDT
Description of problem: After enabling monitoring, when the spacewalk server is restarted the Monitoring Scout will not launch, citing an SSL verification error. Version-Release number of selected component (if applicable): Fedora 17 x86_64 Spacewalk 1.7 How reproducible: Always Steps to Reproduce: 1. Install Fedora and Spacewalk-postgresql. 2. Activate monitoring via the Spacewalk Admin panel 3. Run spacewalk-service restart Actual results: SSL verification error is thrown. Expected results: Monitoring Scout starts. Additional info: No channels have yet been configured - The first action taken on the spacewalk system was to enable monitoring which caused this error. Spacewalk.crt appears to exist in /etc/ssl/certs/, and has world readable permissions. SELinux has been temporarily set to permissive. Output is: Starting Monitoring ... Starting InstallSoftwareConfig ... [ OK ] Starting NotifEscalator ... [ OK ] Starting GenerateNotifConfig ... [ OK ] Starting NotifLauncher ... [ OK ] Starting Notifier ... [ OK ] Starting AckProcessor ... [ OK ] Starting TSDBLocalQueue ... [ OK ] [ OK ] Starting MonitoringScout ... Starting NPBootstrap ... 2012-04-12 23:19:12 NPBootstrap: !! ERROR FROM SHELL COMMAND: 2012-04-12 23:19:12 NPBootstrap: !! STDOUT: Requesting https://spacewalk.dev.firstyear.id.au/satconfig/cgi-bin/fetch_netsaintid.cgi?ssk=571081bf0906&publickey=ssh-dss%20AAAAB3NzaC1kc3MAAACBAK3QJPk3%2FbCmraoTCDO2tlVNA4sF9mI%2FdC%2FI0MdRzFNcQTkGqHYyJkxFJXL%2Fe10xwx3zjXr9SanAIZb5MpHht2KVHjDkPuxeHeAsYRP2g8cKMEtABUNddClmTRv5DoFq7h%2BkE6Ou6FGHoosVNseHD7SmMOKaOa7yguW3ilScNWOLAAAAFQD4A8LUC%2BZLrK3AQNV5Ok0%2Fhw%2BrRwAAAIEAqZNnPJdDlDmzcI77njcQfGbuh%2BzsLXQBxdWzUOjDP6EaLucc03VaxeJYlg3Rt1VNhaOY%2FmgBAmvYY2tIz3N3X2SkQrTv42YOAcEXAUReVSGQG0wNwMiNmKTtacB3LU7A2FVDRcuID7Z2AKAvMn22RBVJa9qnxvyE%2B5vR%2B2oI1TkAAACAfDLTSlSvqWiEoELL4gl2kCBJ3kvVYccsh54PPw6fsztT%2FEGWcaaam%2FVGER7yaOpOOnX%2BsjYLgB9CuarVyO6Ln%2B6rggYOzjrVbm1Dh%2BmepJlOgnvNb4v7GvxQpKfAYlOe9JL5ycaSanLKISthv8ABKHFfTHySrMYiGCpPjHR0qdc%3D%20nocpulse%40spacewalk%2Edev%2Efirstyear%2Eid%2Eau%0A Error on attempt 1: Status: '500 Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed)'; content: 'Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed) LWP::Protocol::https::Socket: SSL connect attempt failed with unknown errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/share/perl5/LWP/Protocol/http.pm line 51. ' Error on attempt 2: Status: '500 Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed)'; content: 'Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed) LWP::Protocol::https::Socket: SSL connect attempt failed with unknown errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/share/perl5/LWP/Protocol/http.pm line 51. ' Error on attempt 3: Status: '500 Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed)'; content: 'Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed) LWP::Protocol::https::Socket: SSL connect attempt failed with unknown errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/share/perl5/LWP/Protocol/http.pm line 51. ' Error on attempt 4: Status: '500 Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed)'; content: 'Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed) LWP::Protocol::https::Socket: SSL connect attempt failed with unknown errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/share/perl5/LWP/Protocol/http.pm line 51. ' Failed 5 times to get data for this node. 2012-04-12 23:19:12 NPBootstrap: !! STDERR: 2012-04-12 23:19:12 NPBootstrap: !! EXIT: 256 [ FAIL ] 2012-04-12 23:19:12 NPBootstrap: WARNING: STARTED BUT *NOT* RUNNING 2012-04-12 23:19:12 NPBootstrap: ERRORS ENCOUNTERED DURING LAST ACTION: 2012-04-12 23:19:12 NPBootstrap: !! ERROR FROM SHELL COMMAND: 2012-04-12 23:19:12 NPBootstrap: !! STDOUT: Requesting https://spacewalk.dev.firstyear.id.au/satconfig/cgi-bin/fetch_netsaintid.cgi?ssk=571081bf0906&publickey=ssh-dss%20AAAAB3NzaC1kc3MAAACBAK3QJPk3%2FbCmraoTCDO2tlVNA4sF9mI%2FdC%2FI0MdRzFNcQTkGqHYyJkxFJXL%2Fe10xwx3zjXr9SanAIZb5MpHht2KVHjDkPuxeHeAsYRP2g8cKMEtABUNddClmTRv5DoFq7h%2BkE6Ou6FGHoosVNseHD7SmMOKaOa7yguW3ilScNWOLAAAAFQD4A8LUC%2BZLrK3AQNV5Ok0%2Fhw%2BrRwAAAIEAqZNnPJdDlDmzcI77njcQfGbuh%2BzsLXQBxdWzUOjDP6EaLucc03VaxeJYlg3Rt1VNhaOY%2FmgBAmvYY2tIz3N3X2SkQrTv42YOAcEXAUReVSGQG0wNwMiNmKTtacB3LU7A2FVDRcuID7Z2AKAvMn22RBVJa9qnxvyE%2B5vR%2B2oI1TkAAACAfDLTSlSvqWiEoELL4gl2kCBJ3kvVYccsh54PPw6fsztT%2FEGWcaaam%2FVGER7yaOpOOnX%2BsjYLgB9CuarVyO6Ln%2B6rggYOzjrVbm1Dh%2BmepJlOgnvNb4v7GvxQpKfAYlOe9JL5ycaSanLKISthv8ABKHFfTHySrMYiGCpPjHR0qdc%3D%20nocpulse%40spacewalk%2Edev%2Efirstyear%2Eid%2Eau%0A Error on attempt 1: Status: '500 Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed)'; content: 'Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed) LWP::Protocol::https::Socket: SSL connect attempt failed with unknown errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/share/perl5/LWP/Protocol/http.pm line 51. ' Error on attempt 2: Status: '500 Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed)'; content: 'Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed) LWP::Protocol::https::Socket: SSL connect attempt failed with unknown errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/share/perl5/LWP/Protocol/http.pm line 51. ' Error on attempt 3: Status: '500 Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed)'; content: 'Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed) LWP::Protocol::https::Socket: SSL connect attempt failed with unknown errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/share/perl5/LWP/Protocol/http.pm line 51. ' Error on attempt 4: Status: '500 Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed)'; content: 'Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify failed) LWP::Protocol::https::Socket: SSL connect attempt failed with unknown errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/share/perl5/LWP/Protocol/http.pm line 51. ' Failed 5 times to get data for this node. 2012-04-12 23:19:12 NPBootstrap: !! STDERR: 2012-04-12 23:19:12 NPBootstrap: !! EXIT: 256 Starting SputLite ... [ OK ] Starting Dequeuer ... [ OK ] Starting Dispatcher ... [ OK ] [ OK ] Starting rhn-search...
(In reply to comment #0) > Description of problem: > After enabling monitoring, when the spacewalk server is restarted the > Monitoring Scout will not launch, citing an SSL verification error. > > Version-Release number of selected component (if applicable): > Fedora 17 x86_64 What Fedora and LWP versions are these exactly? > Error on attempt 4: Status: '500 Can't connect to > spacewalk.dev.firstyear.id.au:443 (certificate verify failed)'; content: > 'Can't connect to spacewalk.dev.firstyear.id.au:443 (certificate verify > failed) If you do export PERL_LWP_SSL_VERIFY_HOSTNAME=0 before running that spacewalk-service restart, does it seem to help?
This BZ closed some time during 2.5, 2.6 or 2.7. Adding to 2.7 tracking bug.