Michael,
today I tried current master and it turns out there is a problem with
certificates:
# yum info penguin
https://hp-dl580g7-02.xxx.com/pulp/repos/ACME_Corporation/testing/custom/...:
[Errno 14] PYCURL ERROR 77 - "Problem with the SSL CA cert (path? access
rights?)"
Trying other mirror.
I have filed a BZ on that:
https://bugzilla.redhat.com/show_bug.cgi?id=770066
At first sight I cannot tell you what is wrong. We will investigate this
soon. Thank you and have a nice Xmas too.
LZ
On Thu, Dec 22, 2011 at 11:45:53PM +0000, Michael Burbury wrote:
Dear list,
Thanks for the assistance. I did promote the content and after some investigation, the
error is stemming from:
[client X.X.X.X] mod_wsgi (pid=30291, process='', application=''):
Loading WSGI script '/srv/pulp/repo_auth.wsgi'.
[client X.X.X.X] mod_wsgi (pid=30291): Exception occurred processing WSGI script
'/srv/pulp/repo_auth.wsgi'.
[client X.X.X.X] Traceback (most recent call last):
[client X.X.X.X] File "/srv/pulp/repo_auth.wsgi", line 35, in check_password
[client X.X.X.X] authorized = _handle(environ)
[client X.X.X.X] File "/srv/pulp/repo_auth.wsgi", line 72, in _handle
[client X.X.X.X] result = f(environ)
[client X.X.X.X] File
"/usr/lib/python2.7/site-packages/pulp/repo_auth/oid_validation.py", line 55, in
authenticate
[client X.X.X.X] cert_pem =
environ["mod_ssl.var_lookup"]("SSL_CLIENT_CERT")
[client X.X.X.X] KeyError: 'mod_ssl.var_lookup'
[client X.X.X.X] access to
/pulp/repos/MyOrg/DCIS/custom/X86-64-Repo/EPEL-X86-64/repodata/repomd.xml failed, reason:
verification of user id '/CN=<snip>' not configured
I'm still investigating, but it appears the SSL validation is not quite working.
Thanks all and have a great Xmas!
Mike.
#####################################################################################
Confidentiality and Privilege Notice
This document is intended solely for the named addressee. The information contained in
the pages is confidential and contains legally privileged information. If you are not the
addressee indicated in this message (or responsible for delivery of the message to such
person), you may not copy or deliver this message to anyone, and you should destroy this
message and kindly notify the sender by reply email. Confidentiality and legal privilege
are not waived or lost by reason of mistaken delivery to you.
#####################################################################################
_______________________________________________
katello mailing list
katello(a)lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/katello
--
Later,
Lukas Zapletal | E32E400A
RHN Satellite Engineering
Red Hat Czech s.r.o. Brno