[Spacewalk-list] question about tls verify osad client

Jan Wildeboer jwildebo at redhat.com
Thu Jul 24 09:23:37 UTC 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michiel van Es wrote:

| 2008-07-07 02:08:01 osad._setup_config: Time drift 1500520

There could be a few things going wrong here, so to check from bottom up
I would suggest to make sure:

1. Time is synchronized between the spacewalk server and the client.
Timedrift are a real problem in TLS handshakes.

2. Name resolution works from the client and reverse resolver points to
the correct hostname.

3. Certificate does *NOT* contain the hostname in capital letters (this
causes weird problems, I know from experience)

HTH

Jan
- --
Jan H Wildeboer          |
EMEA Open Source Affairs | Office: +49 (0)89 205071-207
Red Hat GmbH             | Mobile: +49 (0)174 33 23 249
Otto-Hahn-Str.20         | Fax:    +49 (0)89 205071-111
D-85609 Dornach/Munich   | eMail:  jan.wildeboer at redhat.com
_____________________________________________________________________

GPG-Key-ID:      5DEBAFB0
GPG-Fingerprint: 6104 0F74 8513 F17E DFD5  E820 6F61 A078 5DEB AFB0
_____________________________________________________________________

Reg. Adresse: Red Hat GmbH, Otto-Hahn-Strasse 20, 85609 Dornach bei Muenchen
Handelsregister: Amtsgericht Muenchen HRB 153243
Geschaeftsfuehrer: Brendan Lane, Charlie Peters, Michael Cunningham,
~                   Werner Knoblich
_____________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Red Hat - http://enigmail.mozdev.org

iD8DBQFIiEoZb2GgeF3rr7ARAg9kAKCU5ObxHR76V4NInyHalsZVJGWinQCfcoeU
rmDDcKBl9GU6B6reBo0TXWo=
=yvEn
-----END PGP SIGNATURE-----




More information about the Spacewalk-list mailing list