Show Table of Contents
9.3.2. Deploying Client SSL Certificates
To ensure secure data transfer, Red Hat strongly recommends the use of SSL. The RHN Satellite eases implementation of SSL by generating the necessary certificates during its installation. The server-side certificate is automatically installed on the Satellite itself, while the client certificate is placed in the
/pub/ directory of the Satellite's Web server.
To install the certificate, follow these steps for each client:
- Download the SSL certificate from the
/var/www/html/pub/directory of the RHN Satellite onto the client system. The certificate will be named something similar toRHN-ORG-TRUSTED-SSL-CERT. It is accessible via the web at the following URL:https://your-satellite.example.com/pub/RHN-ORG-TRUSTED-SSL-CERT. - Move the client SSL certificate to the RHN-specific directory for your UNIX variant. For Solaris, this can be accomplished with a command similar to:
mv /path/to/RHN-ORG-TRUSTED-SSL-CERT /opt/redhat/rhn/solaris/usr/share/rhn/
When finished, the new client certificate will be installed in the appropriate directory for your UNIX system. If you have a large number of systems to prepare for RHN management, you may script this entire process.
Now you must reconfigure the RHN client applications to refer to the newly installed SSL certificate. Refer to Section 9.3.3, “Configuring the clients” for instructions.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.