Hi Michele, Thanks for the information, I was check with the curl and download was not successfully. Can it be that in the apache2 settings are set up some content security policies are active, which block the HTTP download ? < Content-Security-Policy: default-src 'self' https: wss: ; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data: ;style-src 'self' https: 'unsafe-inline' I was changing nothing in the apache2 settings, so the default configuration is running on the system. As addon on the system I use the default Nagios installation for monitoring. Command output: curl -v http://uyuni/pub/bootstrap/bootstrap.sh * Trying xxx.xxx.xxx.xxx... * TCP_NODELAY set * Connected to uyuni (xxx.xxx.xxx.xxx) port 80 (#0)

GET /pub/bootstrap/bootstrap.sh HTTP/1.1 Host: uyuni User-Agent: curl/7.60.0 Accept: */*

< HTTP/1.1 200 OK < Date: Thu, 26 Sep 2019 06:47:19 GMT < Server: Apache < X-Frame-Options: SAMEORIGIN < Last-Modified: Tue, 24 Sep 2019 08:46:00 GMT < Accept-Ranges: bytes < Content-Length: 27178 < Content-Security-Policy: default-src 'self' https: wss: ; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data: ;style-src 'self' https: 'unsafe-inline' < X-XSS-Protection: 1; mode=block < X-Content-Type-Options: nosniff < X-Permitted-Cross-Domain-Policies: master-only < Content-Type: application/x-shellscript < * transfer closed with 27178 bytes remaining to read * stopped the pause stream! * Closing connection 0 curl: (18) transfer closed with 27178 bytes remaining to read Mit freundlichen Grüßen / With kind regards Alexander Kärcher Delivery Manager Linux/unix and Datamanagement DXC Technology Germany Faktorhaus, Berliner Platz 1, 67056 Ludwigshafen T +49 621 48187569 M +49 1525 47 54976 alexander.kaercher@dxc.com Planed absence: xx.xx.2019 – xx.xx.2019 EntServ Deutschland GmbH Schickardstr. 32 71034 Böblingen dxc.technology / Twitter / Facebook / LinkedIn Geschäftsführer: Dirk Schürmann, Joachim Löffler, Karl Anzboeck, Claus Schünemann Sitz der Gesellschaft: Böblingen, Amtsgericht Stuttgart HRB 757510 VAT ID: DE307881136 -----Ursprüngliche Nachricht----- Von: Michele Bologna Gesendet: Mittwoch, 25. September 2019 17:53 An: uyuni-users@opensuse.org Betreff: Re: [uyuni-users] http download is not possible from uyuni server On 25/09/2019, at 16:14, Kaercher, Alexander wrote:

--2019-09-25 16:01:44-- (try:20) http://uyuni/pub/bootstrap/bootstrap.sh

What happens when: % curl -v http://uyuni/pub/bootstrap/bootstrap.sh -- To unsubscribe, e-mail: mailto:uyuni-users+unsubscribe@opensuse.org To contact the owner, e-mail: mailto:uyuni-users+owner@opensuse.org EntServ Deutschland GmbH: Schickardstraße 32, 71034 Böblingen, Germany - Board of Directors: Dirk Schürmann, Joachim Löffler, Karl Anzboeck - Registered in Stuttgart: HRB 757510. DXC Technology Company -- This message is transmitted to you by or on behalf of DXC Technology Company or one of its affiliates. It is intended exclusively for the addressee. The substance of this message, along with any attachments, may contain proprietary, confidential or privileged information or information that is otherwise legally exempt from disclosure. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient of this message, you are not authorized to read, print, retain, copy or disseminate any part of this message. If you have received this message in error, please destroy and delete all copies and notify the sender by return e-mail. Regardless of content, this e-mail shall not operate to bind DXC Technology Company or any of its affiliates to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. --.

Hallo Michele, Yes, with https is the download successfully. Only http is not working. There is no firewall between the systems. Mit freundlichen Grüßen / With kind regards Alexander Kärcher -----Ursprüngliche Nachricht----- Von: Michele Bologna Gesendet: Donnerstag, 26. September 2019 11:03 An: uyuni-users@opensuse.org Betreff: Re: AW: [uyuni-users] http download is not possible from uyuni server On 26/09/2019, at 08:53, Kaercher, Alexander wrote:

Can it be that in the apache2 settings are set up some content security policies are active, which block the HTTP download ? < Content-Security-Policy: default-src 'self' https: wss: ; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; img-src 'self' https: data: ;style-src 'self' https: 'unsafe-inline'

I was changing nothing in the apache2 settings, so the default configuration is running on the system. As addon on the system I use the default Nagios installation for monitoring.

The headers are OK with what we ship, I do not think that the problem is in the Apache config.

* transfer closed with 27178 bytes remaining to read * stopped the pause stream! * Closing connection 0 curl: (18) transfer closed with 27178 bytes remaining to read

Looks like a network problem between you and the server: any firewall or deep packet inspection tool that blocks you from downloading application/x-shellscript files? Can you try with (note https instead of http): % curl -kv https://uyuni/pub/bootstrap/bootstrap.sh -- To unsubscribe, e-mail: uyuni-users+unsubscribe@opensuse.org To contact the owner, e-mail: uyuni-users+owner@opensuse.org EntServ Deutschland GmbH: Schickardstraße 32, 71034 Böblingen, Germany - Board of Directors: Dirk Schürmann, Joachim Löffler, Karl Anzboeck - Registered in Stuttgart: HRB 757510. DXC Technology Company -- This message is transmitted to you by or on behalf of DXC Technology Company or one of its affiliates. It is intended exclusively for the addressee. The substance of this message, along with any attachments, may contain proprietary, confidential or privileged information or information that is otherwise legally exempt from disclosure. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient of this message, you are not authorized to read, print, retain, copy or disseminate any part of this message. If you have received this message in error, please destroy and delete all copies and notify the sender by return e-mail. Regardless of content, this e-mail shall not operate to bind DXC Technology Company or any of its affiliates to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. --. N�����r��y隊[��x������칻�&ޢ��������'��-���w�zf��쮞+�z�>� ޮ�^�ˬz��