[Spacewalk-list] Help with client connection to Spacewalk Proxy via SSL with CA signed cert
Walid
walid.shaari at gmail.com
Fri Aug 12 19:03:46 UTC 2011
Dear William,
May I ask why you are using such topology spwalk + 2 proxy ? and do you mean
the ss.csr from proxis signed by the CA from the master space walk?
kind regards
Walid
On 12 August 2011 21:44, William Clark <majorgearhead at gmail.com> wrote:
> I solved the issue. I took the csr in /etc/httpd/conf/ssl.csr and used
> that to get a signed cert from my CA. I then took the resultant cert and
> moved it to /etc/httpd/conf/ssl.crt/server.crt. I then restarted httpd and
> I no longer get ssl errors on clients trying to connect to the proxy with
> ssl. Nothing else broke in the process so I believe I am good to go.
>
> William Clark
>
> On Aug 12, 2011, at 11:07 AM, William Clark wrote:
>
> > Here is some background on the system I am running. I currently have a
> single spacewalk server running SW1.4 and I have 2 proxy servers running
> proxy 1.4.
> >
> > On my spacewalk server I have a CA signed cert and set everything up for
> that. I connected the proxy's and they communicate to the master server
> over ssl with no issues. The problem comes in when I try to connect via SSL
> from a client to one of the proxy servers. I get SSL certificate errors. I
> suspect that this may have something to do with the fact that I have a CA
> signed cert on the master but not the proxy's. So when the proxy's try and
> validate their self signed certs against the CA chain I have from a valid CA
> they cannot validate their certs.
> >
> > Question is, is there a way to get CA signed certs in place on the
> proxy's so that I can connect to the proxy's from clients via SSL?
> >
> > William Clark
> >
>
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20110812/a241fb96/attachment.htm>
More information about the Spacewalk-list
mailing list