[Spacewalk-list] rhnpush and self signed certificate

[Michael Mraka]

Paul Robert Marino wrote:
% Well there are a few reasons why this could happen.
% The short answer is no.
% The most common problem that causes this is a severe time and or date offset
% between the server an the host. The way to fix that is ntp.
% 
% The second is a hostname resolution mismatch. The easiest way to work around
% this is if you don't have full forward and reverse controls of the lookup you
% can set the host name as the up address and that will fool the openssl
% libraries into acting the way you want. And there is a series of well
% documented commands you need to run to rename the host in spacewalk and make
% new self signed certs to make that work
% 
% The third scenario is you didn't answer the questions properly during the
% install and it defaulted to the hostname but not the FQDN in other words the
% hostname without the domain. Essentially in that case you need to recreate the
% self signed certs with the FQDN

Also make sure you have correct path to certificate 
in /etc/sysconfig/rhn/rhnpushrc:

  #The CA cert used to verify the ssl server
  ca_chain        =   /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT

% ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
% Hi,
% 
% I've installed and configured Spacewalk on Fedora 19. The WebUI is
% running correctly.
% When I try to use rhnpush to put a new package I get the following
% error:
% 
% [root at localhost ~]# rhnpush --verbose --nosig
% --channel=debian_amd64_wheezy vim_7.4.000-1_amd64.deb
% Connecting to https://localhost/APP
% Username: admin
% Password:
% 
% ERROR: unhandled exception occurred: ([('SSL routines',
% 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')]).
% 
% This problem seems related to the self signed certificate Apache is
% using. Is there any way to tell rhnpush to do not verify the
% certificate?
% 
% Thanks in advance.


Regards,

--
Michael Mráka
Satellite Engineering, Red Hat