Hi Devan & Miroslaw, Thanks for your response. I have created a FQDN ,initally i have used localhost.localdomain,now I am using "tushar.enterprisedb.net" .(i am able to perform ping from different machine so i am assuming i have configured FQDN correctly)
Theses are the steps i have used after creating FQDN. 1.I tried to open webserver using "tushar.enterprisedb.net" but i got the same error which i reported yesertday i.e Forbidden You don't have permission to access / on this server. 2.I reboot my machine, just assmed afer rebooting it would work :-) but today was not my day. 3(a).then i tried to perform again configuration (spacewalk-setup --disconnected), i got this error DB hostname? localhost DB port [1521]? DB protocol [TCP]? Could not connect to the database. Your connection information may be incorrect. Error: DBI connect('xe','spacewalk',...) failed: ORA-12505: TNS:listener does not currently know of SID given in connect descriptor (DBD ERROR: OCIServerAttach) at /usr/lib/perl5/vendor_perl/5.8.8/Spacewalk/Setup.pm line 1102 This i have solved, I replaced localhost.localdomain to tushar.enterprisedb.net inside HOST parameter in tnsnames/listener.ora file ,i verified using spacewalk/spacew...@xe and was able to connect to sql*client. 3(b).then i again fired "spacewalk-setup --disconnected", i got Deploy SSL cerificate error Country code (Examples: "US", "JP", "IN", or type "?" to see a list)? IN ** SSL: Generating CA certificate. ** SSL: Deploying CA certificate. ** SSL: Generating server certificate. ** SSL: Storing SSL certificates. Could not deploy SSL certificate. Exit value: 1. Please examine /var/log/rhn/rhn-installation.log for more information. [r...@tushar admin]# (Enclosing rhn-installation.log ) I don't know why it is not deploying SSL certificate? 3.when i tried to restart satellite-httpd service, i got this error [r...@tushar admin]# service satellite-httpd start Starting satellite-httpd: Syntax error on line 117 of /etc/rhn/satellite-httpd/conf/ssl.conf: SSLCertificateFile: file '/etc/rhn/satellite-httpd/conf/ssl.crt/server.crt' does not exist or is empty [FAILED] [r...@tushar admin]# 4.also tried to restart rhn-satellite ,it started all the services but failed to start satellite-httpd [r...@tushar conf]# /sbin/rhn-satellite restart Shutting down rhn-satellite... Stopping rhn-search... Stopped rhn-search. Stopping satellite-httpd: [FAILED] Stopping tomcat5: [ OK ] Stopping RHN Taskomatic... Stopped RHN Taskomatic. Done. Starting rhn-satellite... Starting RHN Taskomatic... Starting tomcat5: [ OK ] Starting satellite-httpd: Syntax error on line 117 of /etc/rhn/satellite-httpd/conf/ssl.conf: SSLCertificateFile: file '/etc/rhn/satellite-httpd/conf/ssl.crt/server.crt' does not exist or is empty [FAILED] Starting rhn-search... Done. What could be the reasons? Ps:-1) yesterday when i had installed spacewalk server(using yum install spacewalk and spacewalk-setup --disconnected) ,it was showing webserver using https://localhost.localdomain or giving my IP , i faced the problem only after installing "Web Application" . 2)I have installed 0.3.version of spacewalk Thanks! -- regards, tushar On Thu, Jan 15, 2009 at 8:37 PM, Miroslav Suchý <msu...@redhat.com> wrote: > Devan Goodwin wrote: > >> But whenever i am trying to open browser for spacewalk server( >>> https://localhost.localdomain) >>> i am getting this error message >>> >>> Forbidden >>> >>> You don't have permission to access / on this server. >>> >>> Additionally, a 403 Forbidden error was encountered while trying to >>> use an ErrorDocument to handle the request. >>> ------------------------------ >>> Apache/2.2.3 (Red Hat) Server at 127.0.0.1 Port 80 >>> >>> it look like a Apache issue but i am not able to solve it. >>> >>> Any idea how to solve this ? >>> >> >> Could you try hitting from a non-localhost IP, this historically does >> not work in spacewalk and I don't recall that changing anytime recently. >> > > To be specific: Not need to access from different IP, but using fully > qualified domain name. > > -- > Miroslav Suchy > RHN Satellite Engineering, Red Hat > > > _______________________________________________ > Spacewalk-devel mailing list > Spacewalk-devel@redhat.com > https://www.redhat.com/mailman/listinfo/spacewalk-devel > -- -- regards, tushar
RHN Satellite installation log. Command: /usr/bin/spacewalk-setup /root/.gnupg/pubring.gpg ------------------------ pub 1024D/37017186 2006-12-06 uid Red Hat, Inc. (release key) <secur...@redhat.com> gpg: key 37017186: "Red Hat, Inc. (release key) <secur...@redhat.com>" not changed gpg: Total number processed: 1 gpg: unchanged: 1 /etc/sysconfig/rhn-satellite-prep/etc/satname /etc/sysconfig/rhn-satellite-prep/etc/webapp-keyring.gpg /etc/sysconfig/rhn-satellite-prep/etc/jabberd/s2s.xml /etc/sysconfig/rhn-satellite-prep/etc/jabberd/sm.xml /etc/sysconfig/rhn-satellite-prep/etc/jabberd/c2s.xml /etc/sysconfig/rhn-satellite-prep/etc/sysconfig/satellite-httpd /etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf /etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf.orig /etc/sysconfig/rhn-satellite-prep/etc/rhn/cluster.ini /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/ssl.conf /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/startup.pl /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/rhnweb.conf /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/workers.properties /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/httpd.conf /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/satidmap.pl /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/rhn/rhn_monitoring.conf /etc/sysconfig/rhn-satellite-prep/etc/tomcat5/tomcat5.conf /etc/sysconfig/rhn-satellite-prep/etc/init.d/satellite-httpd /etc/sysconfig/rhn-satellite-prep/etc/httpd/conf.d/satellite-installed.conf /etc/sysconfig/rhn-satellite-prep/etc -> /etc /etc/sysconfig/rhn-satellite-prep/etc/satname -> /etc/satname * Making backup of /etc/satname to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/satname /etc/sysconfig/rhn-satellite-prep/etc/webapp-keyring.gpg -> /etc/webapp-keyring.gpg * Making backup of /etc/webapp-keyring.gpg to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/webapp-keyring.gpg /etc/sysconfig/rhn-satellite-prep/etc/jabberd -> /etc/jabberd /etc/sysconfig/rhn-satellite-prep/etc/jabberd/s2s.xml -> /etc/jabberd/s2s.xml * Making backup of /etc/jabberd/s2s.xml to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/jabberd/s2s.xml /etc/sysconfig/rhn-satellite-prep/etc/jabberd/sm.xml -> /etc/jabberd/sm.xml * Making backup of /etc/jabberd/sm.xml to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/jabberd/sm.xml /etc/sysconfig/rhn-satellite-prep/etc/jabberd/c2s.xml -> /etc/jabberd/c2s.xml * Making backup of /etc/jabberd/c2s.xml to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/jabberd/c2s.xml /etc/sysconfig/rhn-satellite-prep/etc/sysconfig -> /etc/sysconfig /etc/sysconfig/rhn-satellite-prep/etc/sysconfig/satellite-httpd -> /etc/sysconfig/satellite-httpd * Making backup of /etc/sysconfig/satellite-httpd to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/sysconfig/satellite-httpd /etc/sysconfig/rhn-satellite-prep/etc/rhn -> /etc/rhn /etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf -> /etc/rhn/rhn.conf * Making backup of /etc/rhn/rhn.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/rhn.conf /etc/sysconfig/rhn-satellite-prep/etc/rhn/rhn.conf.orig -> /etc/rhn/rhn.conf.orig * Making backup of /etc/rhn/rhn.conf.orig to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/rhn.conf.orig /etc/sysconfig/rhn-satellite-prep/etc/rhn/cluster.ini -> /etc/rhn/cluster.ini * Making backup of /etc/rhn/cluster.ini to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/cluster.ini /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd -> /etc/rhn/satellite-httpd /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf -> /etc/rhn/satellite-httpd/conf /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/ssl.conf -> /etc/rhn/satellite-httpd/conf/ssl.conf * Making backup of /etc/rhn/satellite-httpd/conf/ssl.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/ssl.conf /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/startup.pl -> /etc/rhn/satellite-httpd/conf/startup.pl * Making backup of /etc/rhn/satellite-httpd/conf/startup.pl to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/startup.pl /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/rhnweb.conf -> /etc/rhn/satellite-httpd/conf/rhnweb.conf * Making backup of /etc/rhn/satellite-httpd/conf/rhnweb.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/rhnweb.conf /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/workers.properties -> /etc/rhn/satellite-httpd/conf/workers.properties * Making backup of /etc/rhn/satellite-httpd/conf/workers.properties to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/workers.properties /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/httpd.conf -> /etc/rhn/satellite-httpd/conf/httpd.conf * Making backup of /etc/rhn/satellite-httpd/conf/httpd.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/httpd.conf /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/satidmap.pl -> /etc/rhn/satellite-httpd/conf/satidmap.pl * Making backup of /etc/rhn/satellite-httpd/conf/satidmap.pl to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-httpd/conf/satidmap.pl /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/rhn -> /etc/rhn/satellite-httpd/conf/rhn /etc/sysconfig/rhn-satellite-prep/etc/rhn/satellite-httpd/conf/rhn/rhn_monitoring.conf -> /etc/rhn/satellite-httpd/conf/rhn/rhn_monitoring.conf * Making backup of /etc/rhn/satellite-httpd/conf/rhn/rhn_monitoring.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/rhn/satellite-hUnsubstituted Tags: ttpd/conf/rhn/rhn_monitoring.conf /etc/sysconfig/rhn-satellite-prep/etc/tomcat5 -> /etc/tomcat5 /etc/sysconfig/rhn-satellite-prep/etc/tomcat5/tomcat5.conf -> /etc/tomcat5/tomcat5.conf * Making backup of /etc/tomcat5/tomcat5.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/tomcat5/tomcat5.conf /etc/sysconfig/rhn-satellite-prep/etc/init.d -> /etc/init.d /etc/sysconfig/rhn-satellite-prep/etc/init.d/satellite-httpd -> /etc/init.d/satellite-httpd * Making backup of /etc/init.d/satellite-httpd to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/init.d/satellite-httpd /etc/sysconfig/rhn-satellite-prep/etc/httpd -> /etc/httpd /etc/sysconfig/rhn-satellite-prep/etc/httpd/conf.d -> /etc/httpd/conf.d /etc/sysconfig/rhn-satellite-prep/etc/httpd/conf.d/satellite-installed.conf -> /etc/httpd/conf.d/satellite-installed.conf * Making backup of /etc/httpd/conf.d/satellite-installed.conf to /etc/sysconfig/rhn/backup-2009-01-16-13:33/etc/httpd/conf.d/satellite-installed.conf Cmnd_Alias INSTALL_RHN = /sbin/service rhn-satellite restart,\ # The INSTALL_RHN commands are required for RHN Satellite apache ALL=(root) NOPASSWD: INSTALL_RHN tomcat ALL=(root) NOPASSWD: INSTALL_RHN # and INSTALL_RHN commands via sudo even without a real tty tomcat ALL=(root) NOPASSWD: CONFIG_RHN # These two directives allow tomcat and apache to invoke CONFIG_RHN ...working...Generating private CA key: /root/ssl-build/RHN-ORG-PRIVATE-SSL-KEY Rotated out: 'RHN-ORG-PRIVATE-SSL-KEY.6' Backup made: 'RHN-ORG-PRIVATE-SSL-KEY' --> 'RHN-ORG-PRIVATE-SSL-KEY.1' Rotated: RHN-ORG-PRIVATE-SSL-KEY --> RHN-ORG-PRIVATE-SSL-KEY.1 Rotated out: 'rhn-ca-openssl.cnf.6' Backup made: 'rhn-ca-openssl.cnf' --> 'rhn-ca-openssl.cnf.1' Rotated: rhn-ca-openssl.cnf --> rhn-ca-openssl.cnf.1 Generating public CA certificate: /root/ssl-build/RHN-ORG-TRUSTED-SSL-CERT Using distinguishing variables: --set-country = "IN" --set-state = "MH" --set-city = "pune" --set-org = "edb" --set-org-unit = "tushar.enterprisedb.net" --set-common-name = "tushar.enterprisedb.net" --set-email = "" Rotated out: 'RHN-ORG-TRUSTED-SSL-CERT.6' Backup made: 'RHN-ORG-TRUSTED-SSL-CERT' --> 'RHN-ORG-TRUSTED-SSL-CERT.1' Rotated: RHN-ORG-TRUSTED-SSL-CERT --> RHN-ORG-TRUSTED-SSL-CERT.1 Generating CA public certificate RPM: /root/ssl-build/rhn-org-trusted-ssl-cert-1.0-10.src.rpm /root/ssl-build/rhn-org-trusted-ssl-cert-1.0-10.noarch.rpm Make the public CA certficate publically available: (NOTE: the RHN Satellite or Proxy installers may do this step for you.) The "noarch" RPM and raw CA certificate can be made publically accessible by copying it to the /var/www/html/pub directory of your RHN Satellite or Proxy server. ...working... Generating the web server's SSL private key: /root/ssl-build/tushar/server.key Backup made: 'server.key' --> 'server.key.1' Rotated: server.key --> server.key.1 Backup made: 'rhn-server-openssl.cnf' --> 'rhn-server-openssl.cnf.1' Rotated: rhn-server-openssl.cnf --> rhn-server-openssl.cnf.1 Generating web server's SSL certificate request: /root/ssl-build/tushar/server.csr Using distinguished names: --set-country = "IN" --set-state = "MH" --set-city = "pune" --set-org = "edb" --set-org-unit = "tushar.enterprisedb.net" --set-hostname = "tushar.enterprisedb.net" --set-email = "tushar.ah...@enterprisedb.com" Backup made: 'server.csr' --> 'server.csr.1' Rotated: server.csr --> server.csr.1 Rotated out: 'rhn-ca-openssl.cnf.6' Backup made: 'rhn-ca-openssl.cnf' --> 'rhn-ca-openssl.cnf.1' Rotated: rhn-ca-openssl.cnf --> rhn-ca-openssl.cnf.1 Generating/signing web server's SSL certificate: server.crt Backup made: 'server.crt' --> 'server.crt.1' Rotated: server.crt --> server.crt.1 Generating web server's SSL key pair/set RPM: /root/ssl-build/tushar/rhn-org-httpd-ssl-key-pair-tushar-1.0-6.src.rpm /root/ssl-build/tushar/rhn-org-httpd-ssl-key-pair-tushar-1.0-6.noarch.rpm The most current RHN Proxy Server installation process against RHN hosted requires the upload of an SSL tar archive that contains the CA SSL public certificate and the web server's key set. Generating the web server's SSL key set and CA SSL public certificate archive: /root/ssl-build/tushar/rhn-org-httpd-ssl-archive-tushar-1.0-6.tar Deploy the server's SSL key pair/set RPM: (NOTE: the RHN Satellite or Proxy installers may do this step for you.) The "noarch" RPM needs to be deployed to the machine working as a web server, or RHN Satellite, or RHN Proxy. Presumably 'tushar.enterprisedb.net'. Preparing packages for installation... file /etc/httpd/conf/ssl.crt/server.crt from install of rhn-org-httpd-ssl-key-pair-tushar-1.0-6 conflicts with file from package rhn-org-httpd-ssl-key-pair-localhost.localdomain-1.0-2 file /etc/httpd/conf/ssl.csr/server.csr from install of rhn-org-httpd-ssl-key-pair-tushar-1.0-6 conflicts with file from package rhn-org-httpd-ssl-key-pair-localhost.localdomain-1.0-2 file /etc/httpd/conf/ssl.key/server.key from install of rhn-org-httpd-ssl-key-pair-tushar-1.0-6 conflicts with file from package rhn-org-httpd-ssl-key-pair-localhost.localdomain-1.0-2 file /etc/jabberd/server.pem from install of rhn-org-httpd-ssl-key-pair-tushar-1.0-6 conflicts with file from package rhn-org-httpd-ssl-key-pair-localhost.localdomain-1.0-2 Could not install /root/ssl-build/tushar/rhn-org-httpd-ssl-key-pair-tushar-1.0-6.noarch.rpm at /usr/bin/rhn-install-ssl-cert.pl line 69.
_______________________________________________ Spacewalk-devel mailing list Spacewalk-devel@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-devel