[Spacewalk-list] clients behind proxy server can't reach RPMs from Spacewalk parent server
Michael Mraka
michael.mraka at redhat.com
Fri Nov 15 13:57:10 UTC 2013
Balint Szigeti wrote:
% hello
%
% I've increased the log level on the proxy server (in rhn.conf ->
% debug = 9) and the /var/log/rhn/rhn_proxy_broker.log file includes
% more but I didn't find the answer.
Are you able to connect to the proxy e.g. with browser (to make sure it
works)?
% Could it be the problem when I've run the
% /usr/sbin/configure-proxy.sh script and it's asked the ssl-build
% directory, then RHN-ORG-TRUSTED-SSL-CERT, RHN-ORG-PRIVATE-SSL-KEY,
% rhn-ca-openssl.cnf
% I've copied them from the Parent server so the CA is same with the
% Parent. I think, it correct but correct me if I'm wrong.
That's correct way how to use the same certification authority on both
spacewalk and proxy.
% Balint
%
%
% >hello
% >
% >I've set up the proxy server
% >(https://fedorahosted.org/spacewalk/wiki/HowToInstallProxy). The
% >proxy can install from Spacewalk central/parent server's repo
% >(with yum install PackageName) but the clients which were
% >registered via proxy can't be updated itself by 'yum update'
% >command and can't install packages because can't receive the
% >repmod.xml file from reposytory which is Spacewalk.
% >
% >The proxy uses SSL. The certificate is not break and not expired.
% >The clients use only Spacewalk as repo (/This system is receiving
% >updates from RHN Classic or Red Hat Satellite./)
% >
% >I tried to debug the proxy server and I checked, the Squid can
% >reach the Parent server. The HTTPD receives the clients' hits and
% >this is in the access.log:
% >/"POST /XMLRPC HTTP/1.1" 200 121 "-" "rhn.rpclib.py/2.5.65-1.el6"/
% >
% >This file includes these lines:
% >/from wsgi import wsgiHandler//
% >//
% >//def application(environ, start_response)://
% >// return wsgiHandler.handle(environ, start_response,//
% >// "broker", "proxy.broker",//
% >// "proxy.apacheServer")//
% >/
% >The Squid's doesn't get any hits from localhost and outside. The
% >SELinux and firewall is off.
% >
% >I checked the /var/log/rhn/rhn_proxy_broker.log but I didn't find
% >any useful things in it:
% >/2013/11/12 13:43:22 +01:00 1464 0.0.0.0:
% >proxy/apacheServer.__call__('New request, component
% >proxy.broker',)//
% >//2013/11/12 13:43:22 +01:00 1464 172.24.100.218:
% >broker/rhnBroker.handler//
% >//2013/11/12 13:43:22 +01:00 1464 172.24.100.218:
% >proxy/rhnShared._serverCommo//
% >//2013/11/12 13:43:22 +01:00 1464 172.24.100.218:
% >broker/rhnBroker.__handleAction//
% >//2013/11/12 13:43:22 +01:00 1464 172.24.100.218:
% >broker/rhnBroker.__cacheClientSessionToken//
% >//2013/11/12 13:43:22 +01:00 1464 172.24.100.218:
% >proxy/rhnShared._clientCommo//
% >//2013/11/12 13:43:22 +01:00 1464 172.24.100.218:
% >proxy/rhnShared._forwardServer2Client//
% >//2013/11/12 13:43:22 +01:00 1464 172.24.100.218:
% >proxy/apacheHandler.handler('Leaving with status code 0',)//
% >//2013/11/12 13:43:22 +01:00 1464 172.24.100.218:
% >proxy/apacheHandler.cleanupHandler/
% >
% >
% >Can anybody give any advice?
% >
% >Balint
%
--
Michael Mráka
Satellite Engineering, Red Hat
More information about the Spacewalk-list
mailing list