Why rhel 6 clients connected to Red Hat Satellite via RHN Proxy setup failing with 'Error: Cannot retrieve repository metadata (repomd.xml) for repository: rhel-x86_64-server-6. Please verify its path and try again' ?

Solution Verified - Updated -

Environment

  • Red Hat Satellite 5.5
  • Red Hat Network Proxy 5.x
  • Red Hat Enterprise Linux v.6

Issue

  • RHEL 6 clients connected to Red Hat Satellite via RHN Proxy setup, can't update RHEL 6 systemsRHN Proxy failing with error
'Error: Cannot retrieve repository metadata (repomd.xml) for repository: rhel-x86_64-server-6. Please verify its path and try again'
  • RHEL 5 clients are working fine and able to update connecting to Red Hat Satellite via RHN Proxy failing.

Resolution

  • The Proxy needs an FQDN, and a new SSL server cert/key pair to reflect it.

1.) On RHN Proxy Edit /etc/sysconfig/network, and change:

HOSTNAME=rhnproxy
to:
HOSTNAME=rhnproxy.example.com

2.) Reboot the system.

3.) Follow the "Regenerate the server key pair" steps in How to update SSL keys and CA certificates on Red Hat Network Proxy or Red Hat Satellite Server ?

4.) Make sure the clients can resolve rhnproxy.example.com to the Proxy's IP address, and that /etc/sysconfig/rhn/up2date uses the FQDN:

serverURL=https://rhnproxy.example.com/XMLRPC

Diagnostic Steps

  • Check the httpd logs on the satellite server for error messages :
[Sun Sep 14 03:30:01 2014] [warn] RSA server certificate CommonName (CN) `rhnproxy' does NOT match server name!?
[Mon Sep 15 20:00:37 2014] [error] [client xx.xxx.xxx.xxx] Invalid method in request quit
[Tue Sep 16 00:24:22 2014] [error] [client xx.xxx.xxx.xxx] File does not exist: /var/www/html/file1
[Tue Sep 16 16:38:37 2014] [warn] RSA server certificate CommonName (CN) `rhnproxy' does NOT match server name!?
[Tue Sep 16 16:38:37 2014] [warn] RSA server certificate CommonName (CN) `rhnproxy' does NOT match server name!?
[Tue Sep 16 16:42:08 2014] [warn] RSA server certificate CommonName (CN) `rhnproxy' does NOT match server name!?
[Tue Sep 16 16:42:08 2014] [warn] RSA server certificate CommonName (CN) `rhnproxy' does NOT match server name!?
[

----------------------------------------------------

# cat error_log

[Sun Sep 14 13:59:55 2014] [error] [client xx.xxx.xxx.xxx] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /
[Sun Sep 14 21:50:15 2014] [error] [client xx.xxx.xxx.xxx] client sent HTTP/1.1 request without hostname (see RFC2616 section 14.23): /
[Sun Sep 14 22:08:57 2014] [error] [client xx.xxx.xxx.xxx] File does not exist: /var/www/html/robots.txt
[Tue Sep 16 16:44:04 2014] [notice] Apache/2.2.15 (Unix) DAV/2 mod_ssl/2.2.15 OpenSSL/1.0.1e-fips mod_wsgi/3.2 Python/2.6.6 configured -- resuming normal operations
[Tue Sep 16 16:44:25 2014] [error] Changing owner for /var/cache/rhn/proxy-auth failed

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments