Avi, I am having a certificate related issue, that I'm hoping you can help me with.
I decided to move my SW environment into production, so I stood up a brand new SW server and redid the signed certificate according to your documentation. Everything works fine with the RHEL servers that I've attached, but I'm having certificate issues with SLES. When trying to get a package from the SW server I get the following error: Retrieving repository 'SLES 11 SP3 Channel' metadata [|] Download (curl) error for 'https://<SPWALK-SERVER>/XMLRPC/GET-REQ/sles11sp3_channel/repodata/repomd.xml?head_requests=no': Error code: Unrecognized error Error message: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed To the best of my knowledge the certificate is just fine. I've registered three or four SLES severs and they all get the same error when accessing the repository. Any suggestions on what I might have done wrong when creating the certificate? Thanks Daryl ________________________________________ From: spacewalk-list-boun...@redhat.com <spacewalk-list-boun...@redhat.com> on behalf of Daryl Rose <darylr...@outlook.com> Sent: Monday, August 31, 2015 10:58 AM To: spacewalk-list@redhat.com Subject: Re: [Spacewalk-list] How to use a signed certificate? Avi, The only real sticking point that I had was the root_ca.pem chain. I had no idea what that was and how to obtain it. I had to work with my Apache team and figure out exactly what it was, and how to get it. They had the appropriate certificates and then they showed me the correct order in which to put them so I could create the root_ca.pem file. Once I worked through that, I was able to get everything worked out. Thank you again for the help. Daryl ________________________________________ From: spacewalk-list-boun...@redhat.com <spacewalk-list-boun...@redhat.com> on behalf of Avi Miller <avi.mil...@oracle.com> Sent: Friday, August 28, 2015 4:18 PM To: spacewalk-list@redhat.com Subject: Re: [Spacewalk-list] How to use a signed certificate? Hey, > On 29 Aug 2015, at 3:43 am, Daryl Rose <darylr...@outlook.com> wrote: > > I just wanted to report that I was able successfully use your docs and use > our *.domain cert in my SW environment. There were a few times that I > thought that I would have to ask for assistance, but I was able to work > through those and get this working. Fantastic. If you have any notes on documentation improvements, please feel free to send those through to me directly so we can review and improve our documentation. Thanks, Avi -- Oracle <http://www.oracle.com> Avi Miller | Product Management Director | +61 (3) 8616 3496 Oracle Linux and Virtualization 417 St Kilda Road, Melbourne, Victoria 3004 Australia _______________________________________________ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list _______________________________________________ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list _______________________________________________ Spacewalk-list mailing list Spacewalk-list@redhat.com https://www.redhat.com/mailman/listinfo/spacewalk-list
