Generate Satellite certificates on the Customer Portal - TAM Tip
- Login to the Red Hat Customer Portal
- Click on the "Subscriptions" tab
- Navigate to Entitlements under "Classic Management"
- Click on "Generate Satellite Certificate" under the "Management" section on the left-hand side navigation menu.
Responses
Guru
2135 points
What would be really beneficial here (although this is already a great step forward) would be the ability for a generated Satellite cert to be picked up by my Satellite automatically somehow.
Yes - there's an issue for disconnected Satellites, but that's customer choice.
If my Satellite is connected, could my new certs not be downloaded and applied as part of the satellite-sync command perhaps? If satellite-sync is deemed to be geared more towards synching content, is there some part of the rhn_check to RHN Hosted that could cope with this?
D
Hello Duncan, thanks for the feedback / suggestion!
A live satellite-sync does pull down the certificate from Hosted side - let's say user activates a certificate via RHN Classic Web UI (option 2 in https://access.redhat.com/knowledge/solutions/11061), then the next time satellite-sync is run, the new certificate will be pulled into the Satellite server.
So, right now a user can use the Portal tool to generate the certificate file, verify correctness, then navigate to the Satellite system details page (per solution above) to activate. What if, on the Portal Sat Cert Tool page, provide a link to the system details page to save some clicking? Or, an option to review the generated cert (instead of downloading) and then confirm to auto-apply, followed by a message that satellite-sync needs to be run to pull down the new cert?
We can enter a feature request on your behalf to see if this is feasible.
Guru
12851 points
To all,
This does not work for Not for Resale installations, for a demo Satellite server you still need to request a certificate via an account with a normal subscription.
Kind regards,
Jan Gerrit Kootstra
Guru
2135 points
Hi,
An RFE for this would be great. Anything that automates the process of getting new certificates to my Satellite (or System Engine soon) will help.
If certs are to be approved before being available for download to Satellite, there would need to be some way to compare the versions. I've had painful instances in the past where large numbers of machines were in unentitled due to an error in a cert. Would ideally store all certs on Hosted and allow me to select 2 to compare - or perhaps show the difference between each version.
D
Nice try with many Problems:
1. Doesn't work in Accounts with MultiSatellites
2. The owner Field is fixed, so it changes the Owner issued in the Certificate - this would change all KickstartURLs in Satellite :-( So without an Field where i can enter the Owner so it matches the Owner in the Acutaly Certificates, it would not help.
3. Calculation of the Certificate is same wrong as the Support doesn't calculate the Certificates correct.
Main problem -> For Developer Professional Support is Added 500 Virtual Server, but a Developer Support have 25 * Developer Suites included, and every Developer Subscription includes Unlimited Servers (so on Certificate Unlimited are marked as 100 in first step). So in Fact a Developer Professional Support have 25000 Virtual Server.
Generate a new Satellite Certificate
Customers with only one (1) Red Hat Network Satellite subscription can use the following tool to generate a new Satellite Certificate.