Hello Rick, Well, apparantly there was a misconfiguration in up2date. I moved it and tried again, this time, rhn_register worked as expected. Though, still no gpg keys in /usr/share/rhn (as described in the link to get a new certificate).
But, the system is registered and I can use yum, so I am a happy chap ! Thanks for helping me out ! cheers, Andy 2009/5/15 Rick Ring <[email protected]>: > > Hi Andy > > Hmm - a couple things don't make sense here: > > When you initially install RHEL it should copy the certificate and rpm keys > in to your system. Then when you log into your rhn account to register - it > will check your entitlements and allow you to register your systems. > > there are 2 places where information is kept. > > In /etc/sysconfig/rhn - there is an up2date file which identifies what > server you are pointing to (either the public Red Hat rhn servers or a local > Satellite Server). It also points to the location of the required > certificate down in /usr/share/rhn. > The server url for the rhn server is https://xmlrpc.rhn.redhat.com/XMLRPC > and the certificate for that is /usr/share/rhn/RHNS-CA-CERT. This cert is > delivered as part of the rhn-client-tools rpm which is on the install dvd in > the Server subdirectory. > > If you are using a local Satellite Server the url will point to your local > machine and the certificate would be stored in your > /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT - and it would generally be > available from your satellite server at http://your-satellite/pub. Note > that those 2 different certificates are not interchangeable. > > The install DVD also has an RPM-GPG-KEU-redhat-release that gets imported > during installation. > > If you think your /etc/sysconfig/rhn/up2date file is misconfigured you can > simply move it and run rhn_register and it will rebuild the default file for > you. > > The RPM-GPG-KEY files on my RHEL5 system are at: > /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-auxiliary > /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta > /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-former > /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release > /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-rhx > > Also - just fyi would need to do the rpm --import as root > > > Is this a copy of RHEL that you purchased or downloaded - or is an eval copy > from a class? > > > Let me know if I can help. > > Rick > > > > > Andy wrote: > So, > > I've reinstalled the system. Now I get the error that the certificate > isnt there: > > ERROR: can not find RHNS CA file: > /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT > Please verify the value of sslCACert in > /etc/sysconfig/rhn/up2date > > an ls of /usr/share/rhn shows: > > [admi...@cpu01362 rhn]$ ls -l > total 52 > drwxr-xr-x 2 root root 4096 May 15 12:19 actions > -rw-r--r-- 1 root root 0 Dec 5 2006 __init__.py > -rw-r--r-- 1 root root 106 Dec 5 20:42 __init__.pyc > -rw-r--r-- 1 root root 106 Dec 5 20:42 __init__.pyo > -rw-r--r-- 1 root root 11381 Dec 5 2006 RHNS-CA-CERT > drwxr-xr-x 2 root root 4096 May 15 12:31 up2date_client > > The File RHNS-CA-CERT is a certificate, but wen I that file and rename > it to TRDSTED-SSL-CERT, is to no avail. > Now the system complains about > > "The certificate is expired. Please ensure you have the correct > certificate and your system time is correct." > > So, on google, I found this site: > > https://rhn.redhat.com/help/ssl_cert.pxt. > > Followed the instructions there, but then I run into a GPG problem. > > I downloaded the the SSL cert file, as well as the RHN signature file. > When I want to import RPM-GPG-KEY, the following error occurs: > > [admi...@cpu01362 rhn]$ gpg --import /usr/share/rhn/RHN-GPG-KEY > gpg: directory `/home/adminak/.gnupg' created > gpg: new configuration file `/home/adminak/.gnupg/gpg.conf' created > gpg: WARNING: options in `/home/adminak/.gnupg/gpg.conf' are not yet > active during this run > gpg: keyring `/home/adminak/.gnupg/secring.gpg' created > gpg: keyring `/home/adminak/.gnupg/pubring.gpg' created > gpg: can't open `/usr/share/rhn/RHN-GPG-KEY': No such file or directory > gpg: Total number processed: 0 > > It appears that the RPM-GPG-KEY isn't there. I'm kinda lost... > > > cheers, > Andy > > > > > > > 2009/5/15 Andy Kannberg <[email protected]>: >> Hi, >> >> I've installed a RedHat 5.3 server from CD. Now I want to register the >> system with 'rhn_register' . >> I then get a popup which says : >> >> The certificate is expired. Please ensure you have the correct >> certificate and your system time is correct. >> >> Where can I retrieve a new certificate ? >> >> cheers, >> Andy >> > > _______________________________________________ > rhelv5-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/rhelv5-list > > > -- > ============ > Rick Ring > Solutions Architect, Red Hat > cell 719-338-7464 > office 719-538-5783 > > > > _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
