Puppet SSL CA names are identical post satellite-installer?

Latest response

Both the CN and CA CN have the same name?

openssl s_client -connect <satellite_server>:8140

Prior to this I ran the installer; I needed to add a custom SSL cert to satellite:
Red Hat Satellite (build: 6.3.4)

    satellite-installer --scenario satellite\
                      --certs-server-cert "/etc/pki/tls/certs/localhost.crt"\
                      --certs-server-cert-req "/root/custom_ssl/localhost_csr.pem"\
                      --certs-server-key "/etc/pki/tls/private/localhost.key"\
                      --certs-server-ca-cert "/root/custom_ssl/custom_ssl.pem"\
                      --certs-update-server --certs-update-server-ca --certs-update-all

It seems like puppet didn't get the CA I specified? I can remedy this if I knew
the location of the puppet CA. Running openssl on 8140 I can see the problem,
but I have been having trouble tracking down the .pem file. The install went off without a hitch it's just this annoying little CN conflict I need to knock out.

Responses

I copied over my CA bundle into the puppet certs; everything works and Nessus seems to be okay with it even with it looking like a self signed cert on openssl. The directory for the puppet CA is in located here:

/var/lib/puppet/ssl/certs/

I might trying giving the installer a new cert bundle now that I have updated the it on my server. Has anyone else had trouble with custom certs and the RHEL satellite installer?

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.