Re: [Spacewalk-devel] PGPORT (installation issue using make)

tushar ahuja Fri, 16 Jan 2009 03:56:00 -0800

Hi Devan & Miroslaw,

Thanks for your response. I have created a FQDN ,initally i have used
localhost.localdomain,now I am using "tushar.enterprisedb.net" .(i am able
to perform ping from different machine so i am assuming i have configured
FQDN correctly)

Theses are the steps i have used after creating FQDN.

1.I tried to open webserver using "tushar.enterprisedb.net" but i got the
same error which i reported yesertday i.e
Forbidden
You don't have permission to access / on this server.

2.I reboot my machine, just assmed afer rebooting it would work :-)  but
today was not my day.

3(a).then i tried to perform again configuration (spacewalk-setup
--disconnected), i got this error

DB hostname? localhost
DB port [1521]?
DB protocol [TCP]?
Could not connect to the database.  Your connection information may be
incorrect.  Error: DBI connect('xe','spacewalk',...) failed: ORA-12505:
TNS:listener does not currently know of SID given in connect descriptor (DBD
ERROR: OCIServerAttach) at
/usr/lib/perl5/vendor_perl/5.8.8/Spacewalk/Setup.pm line 1102

This i have solved, I replaced localhost.localdomain to
tushar.enterprisedb.net inside HOST parameter in tnsnames/listener.ora file
,i verified using spacewalk/spacew...@xe and  was able to connect to
sql*client.

3(b).then i again fired "spacewalk-setup --disconnected", i got Deploy SSL
cerificate  error

Country code (Examples: "US", "JP", "IN", or type "?" to see a list)? IN
** SSL: Generating CA certificate.
** SSL: Deploying CA certificate.
** SSL: Generating server certificate.
** SSL: Storing SSL certificates.
Could not deploy SSL certificate.  Exit value: 1.
Please examine /var/log/rhn/rhn-installation.log for more information.
[r...@tushar admin]#

(Enclosing rhn-installation.log )

I don't know why it is not deploying SSL certificate?

3.when i tried to restart satellite-httpd service, i got this error

[r...@tushar admin]# service satellite-httpd start
Starting satellite-httpd: Syntax error on line 117 of
/etc/rhn/satellite-httpd/conf/ssl.conf:
SSLCertificateFile: file '/etc/rhn/satellite-httpd/conf/ssl.crt/server.crt'
does not exist or is empty
                                                           [FAILED]
[r...@tushar admin]#

4.also tried to restart rhn-satellite ,it started all the services but
failed to start satellite-httpd

[r...@tushar conf]# /sbin/rhn-satellite restart
Shutting down rhn-satellite...
Stopping rhn-search...
Stopped rhn-search.
Stopping satellite-httpd:                                  [FAILED]
Stopping tomcat5:                                          [  OK  ]
Stopping RHN Taskomatic...
Stopped RHN Taskomatic.
Done.
Starting rhn-satellite...
Starting RHN Taskomatic...
Starting tomcat5:                                          [  OK  ]
Starting satellite-httpd: Syntax error on line 117 of
/etc/rhn/satellite-httpd/conf/ssl.conf:
SSLCertificateFile: file '/etc/rhn/satellite-httpd/conf/ssl.crt/server.crt'
does not exist or is empty
                                                           [FAILED]
Starting rhn-search...
Done.

What could be the reasons?

Ps:-1) yesterday when i had installed spacewalk server(using yum install
spacewalk and spacewalk-setup  --disconnected) ,it was showing webserver
using https://localhost.localdomain or giving my IP , i faced the problem
only after installing "Web  Application" .

     2)I have installed 0.3.version of  spacewalk

    Thanks!

                                                    --
                                             regards, tushar

On Thu, Jan 15, 2009 at 8:37 PM, Miroslav Suchý <msu...@redhat.com> wrote:

> Devan Goodwin wrote:
>
>> But whenever i am trying to  open browser for spacewalk server(
>>> https://localhost.localdomain)
>>>  i am getting this error message
>>>
>>> Forbidden
>>>
>>> You don't have permission to access / on this server.
>>>
>>> Additionally, a 403 Forbidden error was encountered while trying to
>>> use an ErrorDocument to handle the request.
>>> ------------------------------
>>> Apache/2.2.3 (Red Hat) Server at 127.0.0.1 Port 80
>>>
>>> it look like a Apache issue but i am not able to solve it.
>>>
>>> Any idea how to solve this ?
>>>
>>
>> Could you try hitting from a non-localhost IP, this historically does
>> not work in spacewalk and I don't recall that changing anytime recently.
>>
>
> To be specific: Not need to access from different IP, but using fully
> qualified domain name.
>
> --
> Miroslav Suchy
> RHN Satellite Engineering, Red Hat
>
>
> _______________________________________________
> Spacewalk-devel mailing list
> Spacewalk-devel@redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-devel
>

-- 
--
regards, tushar

RHN Satellite installation log.
Command: /usr/bin/spacewalk-setup 

/root/.gnupg/pubring.gpg
------------------------
pub   1024D/37017186 2006-12-06
uid                  Red Hat, Inc. (release key) <secur...@redhat.com>

gpg: key 37017186: "Red Hat, Inc. (release key) <secur...@redhat.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1
/etc/sysconfig/rhn-satellite-prep/etc/satname
/etc/sysconfig/rhn-satellite-prep/etc/webapp-keyring.gpg
/etc/sysconfig/rhn-satellite-prep/etc/jabberd/s2s.xml
/etc/sysconfig/rhn-satellite-prep/etc/jabberd/sm.xml
/etc/sysconfig/rhn-satellite-prep/etc/jabberd/c2s.xml
/etc/sysconfig/rhn-satellite-prep/etc/sysconfig/satellite-httpd
/etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf
/etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf.orig
/etc/sysconfig/rhn-satellite-prep/etc/rhn/cluster.ini
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/ssl.conf
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/startup.pl
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/rhnweb.conf
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/workers.properties
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/httpd.conf
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/satidmap.pl
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/rhn/rhn_monitoring.conf
/etc/sysconfig/rhn-satellite-prep/etc/tomcat5/tomcat5.conf
/etc/sysconfig/rhn-satellite-prep/etc/init.d/satellite-httpd
/etc/sysconfig/rhn-satellite-prep/etc/httpd/conf.d/satellite-installed.conf
/etc/sysconfig/rhn-satellite-prep/etc -> /etc
/etc/sysconfig/rhn-satellite-prep/etc/satname -> /etc/satname
 * Making backup of /etc/satname to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/satname
/etc/sysconfig/rhn-satellite-prep/etc/webapp-keyring.gpg -> /etc/webapp-keyring.gpg
 * Making backup of /etc/webapp-keyring.gpg to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/webapp-keyring.gpg
/etc/sysconfig/rhn-satellite-prep/etc/jabberd -> /etc/jabberd
/etc/sysconfig/rhn-satellite-prep/etc/jabberd/s2s.xml -> /etc/jabberd/s2s.xml
 * Making backup of /etc/jabberd/s2s.xml to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/jabberd/s2s.xml
/etc/sysconfig/rhn-satellite-prep/etc/jabberd/sm.xml -> /etc/jabberd/sm.xml
 * Making backup of /etc/jabberd/sm.xml to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/jabberd/sm.xml
/etc/sysconfig/rhn-satellite-prep/etc/jabberd/c2s.xml -> /etc/jabberd/c2s.xml
 * Making backup of /etc/jabberd/c2s.xml to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/jabberd/c2s.xml
/etc/sysconfig/rhn-satellite-prep/etc/sysconfig -> /etc/sysconfig
/etc/sysconfig/rhn-satellite-prep/etc/sysconfig/satellite-httpd -> /etc/sysconfig/satellite-httpd
 * Making backup of /etc/sysconfig/satellite-httpd to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/sysconfig/satellite-httpd
/etc/sysconfig/rhn-satellite-prep/etc/rhn -> /etc/rhn
/etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf -> /etc/rhn/rhn.conf
 * Making backup of /etc/rhn/rhn.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/rhn.conf
/etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf.orig -> /etc/rhn/rhn.conf.orig
 * Making backup of /etc/rhn/rhn.conf.orig to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/rhn.conf.orig
/etc/sysconfig/rhn-satellite-prep/etc/rhn/cluster.ini -> /etc/rhn/cluster.ini
 * Making backup of /etc/rhn/cluster.ini to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/cluster.ini
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd -> /etc/rhn/satellite-httpd
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf -> /etc/rhn/satellite-httpd/conf
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/ssl.conf -> /etc/rhn/satellite-httpd/conf/ssl.conf
 * Making backup of /etc/rhn/satellite-httpd/conf/ssl.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/ssl.conf
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/startup.pl -> /etc/rhn/satellite-httpd/conf/startup.pl
 * Making backup of /etc/rhn/satellite-httpd/conf/startup.pl to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/startup.pl
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/rhnweb.conf -> /etc/rhn/satellite-httpd/conf/rhnweb.conf
 * Making backup of /etc/rhn/satellite-httpd/conf/rhnweb.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/rhnweb.conf
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/workers.properties -> /etc/rhn/satellite-httpd/conf/workers.properties
 * Making backup of /etc/rhn/satellite-httpd/conf/workers.properties to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/workers.properties
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/httpd.conf -> /etc/rhn/satellite-httpd/conf/httpd.conf
 * Making backup of /etc/rhn/satellite-httpd/conf/httpd.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/httpd.conf
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/satidmap.pl -> /etc/rhn/satellite-httpd/conf/satidmap.pl
 * Making backup of /etc/rhn/satellite-httpd/conf/satidmap.pl to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/satidmap.pl
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/rhn -> /etc/rhn/satellite-httpd/conf/rhn
/etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/rhn/rhn_monitoring.conf -> /etc/rhn/satellite-httpd/conf/rhn/rhn_monitoring.conf
 * Making backup of /etc/rhn/satellite-httpd/conf/rhn/rhn_monitoring.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-hUnsubstituted Tags:
ttpd/conf/rhn/rhn_monitoring.conf
/etc/sysconfig/rhn-satellite-prep/etc/tomcat5 -> /etc/tomcat5
/etc/sysconfig/rhn-satellite-prep/etc/tomcat5/tomcat5.conf -> /etc/tomcat5/tomcat5.conf
 * Making backup of /etc/tomcat5/tomcat5.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/tomcat5/tomcat5.conf
/etc/sysconfig/rhn-satellite-prep/etc/init.d -> /etc/init.d
/etc/sysconfig/rhn-satellite-prep/etc/init.d/satellite-httpd -> /etc/init.d/satellite-httpd
 * Making backup of /etc/init.d/satellite-httpd to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/init.d/satellite-httpd
/etc/sysconfig/rhn-satellite-prep/etc/httpd -> /etc/httpd
/etc/sysconfig/rhn-satellite-prep/etc/httpd/conf.d -> /etc/httpd/conf.d
/etc/sysconfig/rhn-satellite-prep/etc/httpd/conf.d/satellite-installed.conf -> /etc/httpd/conf.d/satellite-installed.conf
 * Making backup of /etc/httpd/conf.d/satellite-installed.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/httpd/conf.d/satellite-installed.conf
Cmnd_Alias INSTALL_RHN = /sbin/service rhn-satellite restart,\
# The INSTALL_RHN commands are required for RHN Satellite
apache  ALL=(root)      NOPASSWD: INSTALL_RHN
tomcat  ALL=(root)      NOPASSWD: INSTALL_RHN
# and INSTALL_RHN commands via sudo even without a real tty
tomcat  ALL=(root)      NOPASSWD: CONFIG_RHN
# These two directives allow tomcat and apache to invoke CONFIG_RHN

...working...Generating private CA key: /root/ssl-build/RHN-ORG-PRIVATE-SSL-KEY
Rotated out: 'RHN-ORG-PRIVATE-SSL-KEY.6'

Backup made: 'RHN-ORG-PRIVATE-SSL-KEY' --> 'RHN-ORG-PRIVATE-SSL-KEY.1'

Rotated: RHN-ORG-PRIVATE-SSL-KEY --> RHN-ORG-PRIVATE-SSL-KEY.1
Rotated out: 'rhn-ca-openssl.cnf.6'

Backup made: 'rhn-ca-openssl.cnf' --> 'rhn-ca-openssl.cnf.1'

Rotated: rhn-ca-openssl.cnf --> rhn-ca-openssl.cnf.1

Generating public CA certificate: /root/ssl-build/RHN-ORG-TRUSTED-SSL-CERT
Using distinguishing variables:
    --set-country      = "IN"
    --set-state        = "MH"
    --set-city         = "pune"
    --set-org          = "edb"
    --set-org-unit     = "tushar.enterprisedb.net"
    --set-common-name  = "tushar.enterprisedb.net"
    --set-email        = ""
Rotated out: 'RHN-ORG-TRUSTED-SSL-CERT.6'

Backup made: 'RHN-ORG-TRUSTED-SSL-CERT' --> 'RHN-ORG-TRUSTED-SSL-CERT.1'

Rotated: RHN-ORG-TRUSTED-SSL-CERT --> RHN-ORG-TRUSTED-SSL-CERT.1

Generating CA public certificate RPM:
    /root/ssl-build/rhn-org-trusted-ssl-cert-1.0-10.src.rpm
    /root/ssl-build/rhn-org-trusted-ssl-cert-1.0-10.noarch.rpm

Make the public CA certficate publically available:
    (NOTE: the RHN Satellite or Proxy installers may do this step for you.)
    The "noarch" RPM and raw CA certificate can be made publically accessible
    by copying it to the /var/www/html/pub directory of your RHN Satellite or
    Proxy server.

...working...

Generating the web server's SSL private key: /root/ssl-build/tushar/server.key
Backup made: 'server.key' --> 'server.key.1'

Rotated: server.key --> server.key.1
Backup made: 'rhn-server-openssl.cnf' --> 'rhn-server-openssl.cnf.1'

Rotated: rhn-server-openssl.cnf --> rhn-server-openssl.cnf.1

Generating web server's SSL certificate request: /root/ssl-build/tushar/server.csr
Using distinguished names:
    --set-country      = "IN"
    --set-state        = "MH"
    --set-city         = "pune"
    --set-org          = "edb"
    --set-org-unit     = "tushar.enterprisedb.net"
    --set-hostname     = "tushar.enterprisedb.net"
    --set-email        = "tushar.ah...@enterprisedb.com"
Backup made: 'server.csr' --> 'server.csr.1'

Rotated: server.csr --> server.csr.1
Rotated out: 'rhn-ca-openssl.cnf.6'

Backup made: 'rhn-ca-openssl.cnf' --> 'rhn-ca-openssl.cnf.1'

Rotated: rhn-ca-openssl.cnf --> rhn-ca-openssl.cnf.1

Generating/signing web server's SSL certificate: server.crt
Backup made: 'server.crt' --> 'server.crt.1'

Rotated: server.crt --> server.crt.1

Generating web server's SSL key pair/set RPM:
    /root/ssl-build/tushar/rhn-org-httpd-ssl-key-pair-tushar-1.0-6.src.rpm
    /root/ssl-build/tushar/rhn-org-httpd-ssl-key-pair-tushar-1.0-6.noarch.rpm

The most current RHN Proxy Server installation process against RHN hosted
requires the upload of an SSL tar archive that contains the CA SSL public
certificate and the web server's key set.

Generating the web server's SSL key set and CA SSL public certificate archive:
    /root/ssl-build/tushar/rhn-org-httpd-ssl-archive-tushar-1.0-6.tar

Deploy the server's SSL key pair/set RPM:
    (NOTE: the RHN Satellite or Proxy installers may do this step for you.)
    The "noarch" RPM needs to be deployed to the machine working as a
    web server, or RHN Satellite, or RHN Proxy.
    Presumably 'tushar.enterprisedb.net'.
Preparing packages for installation...
	file /etc/httpd/conf/ssl.crt/server.crt from install of rhn-org-httpd-ssl-key-pair-tushar-1.0-6 conflicts with file from package rhn-org-httpd-ssl-key-pair-localhost.localdomain-1.0-2
	file /etc/httpd/conf/ssl.csr/server.csr from install of rhn-org-httpd-ssl-key-pair-tushar-1.0-6 conflicts with file from package rhn-org-httpd-ssl-key-pair-localhost.localdomain-1.0-2
	file /etc/httpd/conf/ssl.key/server.key from install of rhn-org-httpd-ssl-key-pair-tushar-1.0-6 conflicts with file from package rhn-org-httpd-ssl-key-pair-localhost.localdomain-1.0-2
	file /etc/jabberd/server.pem from install of rhn-org-httpd-ssl-key-pair-tushar-1.0-6 conflicts with file from package rhn-org-httpd-ssl-key-pair-localhost.localdomain-1.0-2
Could not install /root/ssl-build/tushar/rhn-org-httpd-ssl-key-pair-tushar-1.0-6.noarch.rpm at /usr/bin/rhn-install-ssl-cert.pl line 69.

_______________________________________________
Spacewalk-devel mailing list
Spacewalk-devel@redhat.com
https://www.redhat.com/mailman/listinfo/spacewalk-devel

Re: [Spacewalk-devel] PGPORT (installation issue using make)

Reply via email to