Red Hat Training

A Red Hat training course is available for Red Hat Satellite

2.2. Configuring the Client Applications

Not every customer must connect securely to a RHN Satellite Server or RHN Proxy Server within their organization. Not every customer needs to build and deploy a GPG key for custom packages. (Both of these topics are explained in detail later.) Every customer who uses RHN Satellite Server or RHN Proxy Server must reconfigure the Red Hat Update Agent (up2date) and possibly the Red Hat Network Registration Client (rhn_register) to redirect it from Red Hat Network to their RHN Satellite Server or RHN Proxy Server.

Important

Although this is not configurable, note that the port used by the up2date is 80 for HTTP and 443 for secure HTTP (HTTPS). By default, yum on Red Hat Enterprise Linux 5 uses SSL only. For this reason, users should ensure that their firewalls allow connections over port 443. To bypass SSL, change the protocol for serverURL from https to http in /etc/sysconfig/rhn/up2date. Similarly, to use RHN's Monitoring feature and probes requiring the Red Hat Network Monitoring Daemon, note that client systems must allow connections on port 4545 (or port 22, if using sshd instead).
By default, the rhn_register and up2date refer to the main Red Hat Network Servers. Users must reconfigure client systems to refer to their RHN Satellite Server or RHN Proxy Server.
Note that the latest versions of the Red Hat Update Agent can be configured to accommodate several RHN Servers, thereby providing failover protection in case the primary server is inaccessible. Refer to Section 2.2.5, “Implementing Server Failover” for instructions on enabling this feature.
The next sections describe different methods of configuring the client systems to access your RHN Satellite Server or RHN Proxy Server. To see how virtually all reconfiguration can be scripted, see Chapter 6, Manually Scripting the Configuration.

2.2.1. Registering Clients to Red Hat Network RHN Satellite Server

To register a system with a RHN Satellite Server, you will need the fully qualified domain name (FQDN) and the SSL cert of the RHN Satellite Server.
  1. Download the SSL certificate to the client: 
    cd /usr/share/rhn/
wget http://satellite.example.com/pub/RHN-ORG-TRUSTED-SSL-CERT
  2. Edit the /etc/sysconfig/rhn/up2date file: 
    serverURL=https://satellite.example.com/XMLRPC
noSSLServerURL=http://satellite.example.com/XMLRPC
sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
  3. Register the machine: 
    rhn_register