I'm trying to set up an Uyuni proxy (using the proxy pattern) . It's a bit of an unusual configuration:
1. Uyuni server is a different domain
2. Have network connectivity but not DNS resolution
3. Application level firewall in between to networks
4. Certificates are signed by a separate internal Intermediate [+root] CA
The networks will eventually get more integrated, but to get around 1 & 2, the proxy is in the server's host file, and the server and internal CA are in the proxy's host file.
This seems to work well enough to get the proxy system registered as a minion/client with the Uyuni server. However, once I've created the cert for the proxy, when trying to run configure-proxy.sh, we get
Requesting certificate from server. [1/20]
...
Requesting certificate from server. [20/20]
Certificate not received from server. Exit.
/etc/sysconfig/rhn/systemid:1: parser error : Document is empty
^
unable to parse /etc/sysconfig/rhn/systemid
SUSE Manager Parent [Uyuni_server.FQDNl]:
Using CA Chain (from /etc/sysconfig/rhn/up2date): /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
HTTP Proxy []:
Traceback email []: <removed spammer bait>
You will now need to either generate or import an SSL certificate.
This SSL certificate will allow client systems to connect to this Uyuni Proxy
securely. Refer to the Uyuni Proxy Installation Guide for more information.
Do you want to import existing certificates? [y/N]: y
Path to CA SSL certificate: []: /root/ssl-build/RHN-ORG-TRUSTED-SSL-CERT
Path to the Proxy Server's SSL key: []: /root/ssl-build/<proxy>.key
Path to the Proxy Server's SSL certificate: []: /root/ssl-build/<proxy>.crt
Installing SSL certificates:
XXX: User postgres does not exist
XXX: Group postgres does not exist
cp: '/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT' and '/etc/pki/trust/anchors/RHN-ORG-TRUSTED-SSL-CERT' are the same file
WARNING: upon deactivation attempt: unknown error -