[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Pulp-list] Authenticated repositories



Hi,
all my name is Giacomo. First of all, thank you for the great job: pulp is really cool!

I've a a few question and little problem concerning authenticated repositories.

I tried to setup one authenticated repository using this post (http://blog.pulpproject.org/2011/05/18/pulp-protected-repositories/) and making some little modification to adapt the commands to the latest stable release (pulp-1.1.11) on a CentOS 6.3. I can register and bind the repository from the consumer, but I can't authenticate to repository. The error returned by a "yum repolist" is self-explanatory:

[Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 403"

And, on server side:

[Thu Sep 27 18:08:29 2012] [error] [client 192.168.5.34] Request denied to destination [/pulp/repos/myRepo/repodata/repomd.xml] [Thu Sep 27 18:08:29 2012] [error] [client 192.168.5.34] mod_wsgi (pid=1775): Client denied by server configuration: '/var/www/pub/repos/myRepo/repodata/repomd.xml'

I used the apache ssl cert to sign client entitlement and when the client binds to the server it receives ca cert and entitlement cert.
I also set sslverify to 0, cause the cert is self-signed.

What can I check? Apparently all config files are correct, I also temporary disabled selinux and iptables.
If needed, I can post all config files.
I also checked the apache configuration and I don't think the problem is there: I can access non-authenticated repositories without problem.

We need to setup a big public repository and lot of small authenticated ones and we wish to use entitlement certs to identify the clients. Is there a way to prevent the server from sending certs to client? I'd prefer to do this thing manually so the entitlement will be a sort of "unique key" for the server.


Thank you in advance, ad sorry for the long mail!
--
Giacomo Sanchietti

Nethesis srl
Via degli Olmi 12 - 61122 Pesaro (PU)
tel. +39 0721 405516 - fax +39 0721 268147
www.nethesis.it - supporto nethesis it


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]