[katello-devel] Certificate authority for RHSM
Garik Khachikyan
gkhachik at redhat.com
Tue Oct 4 07:34:13 UTC 2011
On 10/03/2011 03:07 PM, Lukas Zapletal wrote:
> Hey,
>
> me and Sachin ran into issues with rhsm giving "certificate verify
> failed" against Katello. As the workarond was to awfully set
> insecure=1 in the rhsm.log we worked out on better solution.
>
> It turned out rhsm is not accepting certificates in crl format, only
> in pem format. Therefore I modified our advanced installation guide to
> convert the certificate for rhsm.
>
> https://fedorahosted.org/katello/wiki/AdvancedInstallation?action=diff&version=4
>
>
> There is no need of modifying puppet manifests since this is a change
> on the client side. By the way we should start maybe a new wiki page
> dedicated to client side configuration.
>
Hey Lukas,
Hope you don't mind (I bring back the line telling the directory of
*.crt certificate place - otherwise one could loose the reference where
to take that file).
https://fedorahosted.org/katello/wiki/AdvancedInstallation?action=diff&version=5
<https://fedorahosted.org/katello/wiki/AdvancedInstallation?action=diff&version=5>
The line about converting to *.pem is right below. Thanks a lot for that
post.
Garik.
More information about the katello-devel
mailing list