Modifying a satellite VMware's compute resource after changing vCenters SSL certificate

Solution Verified - Updated -

Environment

Red Hat Satellite 6.4

Issue

  • When modifying a satellite VMware's compute resource or access it via webUI after changing vCenters SSL certificate
ERF56-4248 [Foreman::FingerprintException]: The remote system presented a public key with the hash 715cdf35384afeb386f878f20aecce11e682fd291c4559e045cfce385b8975f1 but Satellite was expecting a different hash

Resolution

1) Get the compute resource information including the hash value.

# su - postgres -c "psql -d foreman -c\"select id,name,attrs from compute_resources where name='COMPUTE-RESOURCE-NAME';\""

 id |  name  |                                     attrs                                      
----+--------+--------------------------------------------------------------------------------
  3 | VMtest | ---                                                                           +
    |        | :display: vmrc                                                                +
    |        | :setpw: 0                                                                     +
    |        | :pubkey_hash: 0cec3b32d804d14caf07b9b060054ef538caa0883ba80f4c04e266f42185c358+
    |        | 

2) Update the hash value with the new one .

# foreman-rake console
# ComputeResource.find_by(name: 'COMPUTE-RESOURCE-NAME').update(:pubkey_hash => '715cdf35384afeb386f878f20aecce11e682fd291c4559e045cfce385b8975f1')

3) Check the compute resource information again.

# su - postgres -c "psql -d foreman -c\"select id,name,attrs from compute_resources where name='COMPUTE-RESOURCE-NAME';\""
 id |  name  |                                     attrs                                      
----+--------+--------------------------------------------------------------------------------
  3 | VMtest | ---                                                                           +
    |        | :display: vmrc                                                                +
    |        | :setpw: 0                                                                     +
    |        | :pubkey_hash: 715cdf35384afeb386f878f20aecce11e682fd291c4559e045cfce385b8975f1+
    |        | 

For more KB articles/solutions related to Red Hat Satellite 6.x SSL Certificates Issues, please refer to the Consolidated Troubleshooting Article for Red Hat Satellite 6.x SSL Certificates Issues

Root Cause

  • After changing the vCenter SSL certificate , it has a new hash value which mismatch with the one stored on the satellite server.
    The issue is being tracked in a Bugzilla 1697303 filed with the Red Hat Satellite Engineering team.

Diagnostic Steps

1) When accessing the compute resource page on the webUI and try to make any modification , you get the following error :

ERF56-4248 [Foreman::FingerprintException]: The remote system presented a public key with the hash 715cdf35384afeb386f878f20aecce11e682fd291c4559e045cfce385b8975f1 but Satellite was expecting a different hash

2) Entries on log file /var/log/foreman/production.log .

Action failed
ActionView::Template::Error: undefined method `[]=' for #<ActiveModel::Errors:0x000000000a3f1308>
Did you mean?  []

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments