I forgot to tell that other commands work with puppet certificates: pulp-admin login -u admin -p admin pulp-consumer -u admin -p admin register --consumer-id my-consumer pulp-consumer -u admin -p admin unregister
Only "pulp-admin consumer" is failing. On Fri, Sep 12, 2014 at 7:23 PM, Cristian Falcas <cristi.fal...@gmail.com> wrote: > Hello, > > I'm trying to set puppet certificates to be used by foreman, but I can't > manage to amke it work. > > Actually only one of the commands doesn't work: > > pulp-admin consumer unregister --consumer-id my-consumer1 > An error occurred attempting to contact the server. More information can be > found in the client log file ~/.pulp/admin.log. > > tail ~/.pulp/admin.log > self.context.server.consumer.unregister(consumer_id) > File "/usr/lib/python2.7/site-packages/pulp/bindings/consumer.py", line > 55, in unregister > return self.server.DELETE(path) > File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line > 90, in DELETE > return self._request('DELETE', path, body=body) > File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line > 143, in _request > response_code, response_body = self.server_wrapper.request(method, > url, body) > File "/usr/lib/python2.7/site-packages/pulp/bindings/server.py", line > 326, in request > raise exceptions.ConnectionException(None, str(err), None) > ConnectionException: (None, 'sslv3 alert bad certificate', None) > > > This is the default certificate made by pulp: ca.crt > Certificate: > Data: > Version: 1 (0x0) > Serial Number: 13145249922930536020 (0xb66d4f288c016e54) > Signature Algorithm: sha1WithRSAEncryption > Issuer: CN=machine.optymyze.net, O=PULP > Validity > Not Before: Sep 11 17:23:23 2014 GMT > Not After : Dec 15 17:23:23 2033 GMT > Subject: CN=machine.optymyze.net, O=PULP > Subject Public Key Info: > Public Key Algorithm: rsaEncryption > Public-Key: (2048 bit) > Modulus: > Exponent: 65537 (0x10001) > Signature Algorithm: sha1WithRSAEncryption > > > This one is from puppet: pp_ca_cert.pem > Certificate: > Data: > Version: 3 (0x2) > Serial Number: 564 (0x234) > Signature Algorithm: sha256WithRSAEncryption > Issuer: CN=Puppet CA: puppet.company.net > Validity > Not Before: Sep 1 10:19:31 2014 GMT > Not After : Sep 1 10:19:31 2019 GMT > Subject: CN=machine.optymyze.net > Subject Public Key Info: > Public Key Algorithm: rsaEncryption > Public-Key: (4096 bit) > Modulus: > Exponent: 65537 (0x10001) > X509v3 extensions: > X509v3 Subject Key Identifier: > 2B:D0:25:E9:C0:EE:23:91:26:AD:16:8F:85:B5:C2:85:B7:66:B7:24 > Netscape Comment: > Puppet Ruby/OpenSSL Internal Certificate > X509v3 Extended Key Usage: critical > TLS Web Server Authentication, TLS Web Client > Authentication > X509v3 Basic Constraints: critical > CA:FALSE > X509v3 Key Usage: critical > Digital Signature, Key Encipherment > X509v3 Authority Key Identifier: > > keyid:24:63:CC:70:4B:17:C7:FC:DB:82:65:66:E3:E4:6A:39:91:79:36:F3 > Signature Algorithm: sha256WithRSAEncryption > > Is there a problem with the version of certificates made by puppet? Is > pulp requiring only v1? > > Best regards, > Cristian Falcas > >
_______________________________________________ Pulp-list mailing list Pulp-list@redhat.com https://www.redhat.com/mailman/listinfo/pulp-list