Mailinglist Archive: opensuse-autoinstall (49 mails)

< Previous Next >
[opensuse-autoinstall] Installation via HTTPS client certificate
Hi list,

I'm trying an auto installation (SLES11-SP1) via HTTPS and authentication with
client certificates.
To achieve this I copied CA certificate and client certificate into initrd,
executed c_rehash and edited
/root/.curlrc within initrd to know about the certificates:
--capath = /etc/ssl/certs/
--cert = /etc/ssl/client/xyz

profile is specified like

Unfortunately yast is still not able to fetch the profile.
When I do an ssh based installation ending up in the dialog where yast failes
I'm able to get
the profile from a second ssh console via curl without specifying any cert
curl shows the content of default file.

A check from outside the installation environment without specifying a
certificate fails with SSL Handshake error and proves that the virtual host
configuration seems ok.
The opposite check where I provided certificate parameters to curl from outside
worked as well.

/var/log/YaST/y2log within installation environment shows: Going to parse /root/.curlrc
2011-07-26 06:17:00 <1> [zypp++]
GOT: capath
2011-07-26 06:17:00 <1> [zypp++] Ignoring option capath
2011-07-26 06:17:00 <1> [zypp++]
GOT: cert
2011-07-26 06:17:00 <1> [zypp++] Ignoring option cert

which leads to the assumption that yast is not considering options from

Does anybody know how to configure yast/curl to accept parameters from .curlrc?
Another attempt could be to use aria2c within initrd since following line is
displayed in y2log:
aria2c not found. Falling back to curl

But will yast consider any certificate parameters for aria2c or will I end with
the same problem finally?


To unsubscribe, e-mail: opensuse-autoinstall+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-autoinstall+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups