I’m trying to set up an Uyuni proxy (using the proxy pattern) . It’s a bit of an unusual configuration:
  1. Uyuni server is a different domain

  2. Have network connectivity but not DNS resolution

  3. Application level firewall in between to networks
  4. Certificates are signed by a separate internal Intermediate [+root] CA

The networks will eventually get more integrated, but to get around 1 & 2, the proxy is in the server’s host file, and the server and internal CA are in the proxy’s host file.
This seems to work well enough to get the proxy system registered as a minion/client with the Uyuni server. However, once I’ve created the cert for the proxy, when trying to run configure-proxy.sh, we get

Requesting certificate from server. [1/20]

…

Requesting certificate from server. [20/20]

Certificate not received from server. Exit.

/etc/sysconfig/rhn/systemid:1: parser error : Document is empty

 

^

unable to parse /etc/sysconfig/rhn/systemid

SUSE Manager Parent [Uyuni_server.FQDNl]:

Using CA Chain (from /etc/sysconfig/rhn/up2date): /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT

HTTP Proxy []:

Traceback email []: <removed spammer bait>
You will now need to either generate or import an SSL certificate.

This SSL certificate will allow client systems to connect to this Uyuni Proxy

securely. Refer to the Uyuni Proxy Installation Guide for more information.

Do you want to import existing certificates? [y/N]: y

Path to CA SSL certificate: []: /root/ssl-build/RHN-ORG-TRUSTED-SSL-CERT
Path to the Proxy Server's SSL key: []: /root/ssl-build/<proxy>.key

Path to the Proxy Server's SSL certificate: []: /root/ssl-build/<proxy>.crt

Installing SSL certificates:

XXX: User postgres does not exist

XXX: Group postgres does not exist

cp: '/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT' and '/etc/pki/trust/anchors/RHN-ORG-TRUSTED-SSL-CERT' are the same file

WARNING: upon deactivation attempt: unknown error - <Fault -12: 'redstone.xmlrpc.XmlRpcFault: method invalid param'>

 

There was a problem activating the SUSE Manager Proxy entitlement:

WARNING: upon deactivation attempt: unknown error - <Fault -12: 'redstone.xmlrpc.XmlRpcFault: method invalid param'>

Proxy activation failed! Installation interrupted.

WARNING: upon deactivation attempt: unknown error - <Fault -12: 'redstone.xmlrpc.XmlRpcFault: method invalid param'>

There were some answers you had to enter manually.

Would you like to have written those into file

formatted as answers file? [Y/n]: y

Writing proxy-answers.txt.u4qp3

I’m hoping the first few errors aren’t too much of an issue. I’m not sure what I would have missed, step wise, to lead to the SUSE Manager Proxy entitlement errors. I didn’t find anything obvious through a google search for those errors. The CA certs have been installed on the proxy, so if I try to use wget to fetch a file from the pub folder on the Uyuni server, it has no apparent problems with cert verification.

I appreciate any suggestions or pointers you can offer.

 

Thanks,

Paul-Andre Panon