4.3.8. Configuring the Satellite
The Installation Script performs some basic configuration tasks on your Red Hat Satellite environment.
The Red Hat Satellite installation program downloads and installs the Red Hat GPG key and sets up the
/root/.gnupg/directory, if required.
* Configuring tomcat. * Setting up users and groups. ** GPG: Initializing GPG and importing key.
To activate Red Hat Satellite, provide the location of your certificate, downloaded in Chapter 3, Entitlement Certificate.
* Activating Red Hat Satellite. Where is your satellite certificate file? /root/certificate.xml ** Loading Red Hat Satellite Certificate. ** Verifying certificate locally. ** Activating Red Hat Satellite.
The next step is to create a CA certificate for SSL access. Answer
yto the Apache SSL configuration question, then answer the CA certificate questions.
- CA cert
- Enter a password for the certificate.
- Enter the name of your organization.
- Organization Unit
- Enter the name of your department within your organization.
- Email Address
- Enter an email address to be associated with this certificate, such as the admin email entered in the steps above.
- Enter your city.
- Enter your state.
- Enter your country. The country code must be exactly two letters, or the certificate generation fails. Type
?to see a list of country codes.
* Configuring apache SSL virtual host. Should setup configure apache's default ssl server for you (saves original ssl.conf) [Y]? ** /etc/httpd/conf.d/ssl.conf has been backed up to ssl.conf-swsave * Configuring jabberd. * Creating SSL certificates. CA certificate password? Re-enter CA certificate password? Organization? Red Hat Organization Unit [satellite.example.com]? Sales Email Address [firstname.lastname@example.org]? email@example.com City? Raleigh State? NC Country code (Examples: "US", "JP", "IN", or type "?" to see a list)? US ** SSL: Generating CA certificate. ** SSL: Deploying CA certificate. ** SSL: Generating server certificate. ** SSL: Storing SSL certificates. * Deploying configuration files. * Update configuration in database.
After the CA certificate is created, you are asked if you want to enable the services required by Cobbler. If you will be using PXE provisioning functionality, reply
* Setting up Cobbler.. cobblerd does not appear to be running/accessible Cobbler requires tftp and xinetd services be turned on for PXE provisioning functionality. Enable these services [Y]?
After Cobbler is configured, the installation program restarts the associated services.
* Restarting services. Installation complete. Visit https://satellite.example.com to create the Red Hat Satellite administrator account.
If you will be using Cobbler for provisioning hosts, grant Cobbler write access to the /tftpboot directory.
# setsebool -P cobbler_anon_write on