Hello everyone,
I have installed openscap plugin for existing foreman 1.15 and trying to get the compliance report for a server, facing few issues during this process. Having trouble assigning policy to host, its not loading to select the existing policy. So I have tried from command line by running /usr/bin/foreman_scap_client 1 below is the confi file /etc/foreman_scap_client/config.yaml # DO NOT EDIT THIS FILE MANUALLY # IT IS MANAGED BY PUPPET # Foreman proxy to which reports should be uploaded :server: 'foremanproxy.example.com' :port: 8443 ## SSL specific options ## # Client CA file. # It could be Puppet CA certificate (e.g., '/var/lib/puppet/ssl/certs/ca.pem') # Or (recommended for client reporting to Katello) subscription manager CA file, (e.g., '/etc/rhsm/ca/katello-server-ca.pem') :ca_file: '/etc/puppetlabs/puppet/ssl/certs/ca.pem' # Client host certificate. # It could be Puppet agent host certificate (e.g., '/var/lib/puppet/ssl/certs/myhost.example.com.pem') # Or (recommended for client reporting to Katello) consumer certificate (e.g., '/etc/pki/consumer/cert.pem') :host_certificate: '/etc/puppetlabs/puppet/ssl/certs/localhost.example.com.pem' # Client private key # It could be Puppet agent private key (e.g., '/var/lib/puppet/ssl/private_keys/myhost.example.com.pem') # Or (recommended for client reporting to Katello) consumer private key (e.g., '/etc/pki/consumer/key.pem') :host_private_key: '/etc/puppetlabs/puppet/ssl/private_keys/localhost.example.com.pem' # policy (key is id as in Foreman) 1: :profile: '' :content_path: '/usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml' # Download path # A path to download SCAP content from proxy :download_path: '/compliance/policies/1/content' :tailoring_path: '' :tailoring_download_path: '' root localhost [~] # /usr/bin/foreman_scap_client 1 DEBUG: running: oscap xccdf eval --results-arf /tmp/d20170615-1073-zzt674/results.xml /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml WARNING: Skipping http://www.redhat.com/security/data/oval/Red_Hat_Enterprise_Linux_7.xml file which is referenced from XCCDF content DEBUG: running: /usr/bin/bzip2 /tmp/d20170615-1073-zzt674/results.xml Uploading results to https://foreman.example.com:8443/compliance/arf/1 At https://foreman.example.com:8443/compliance/arf/1 it through a message as " No client SSL certificate supplied " Below are logs from foreman-proxy server /var/log/foreman-proxy/proxy.log https://pastebin.com/uFLAZffP Can anyone please help me with this. Thank you Sai Krishna -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+unsubscr...@googlegroups.com. To post to this group, send email to foreman-users@googlegroups.com. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
