Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Fix Version/s: None
Affects Version/s: 6.16.0
Component/s: Installation
Labels:
- Sat6.16_Testathon#1

Story Points:
0
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
BZ Status:
CLOSED
Bugzilla Bug:
RHBZ: 2274453
PM Score:
0
Satellite Team:

Platform
BZ Keywords:
- Unset
Intelligence Requested:
Market:

Target Version:

6.16.0

Regression:
No

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Description of problem:

A fresh Satellite 6.16 installation on RHEL9 with FIPS enabled failed with:

~~~
2024-04-11 02:17:42 [ERROR ] [configure] Apr 11 02:17:41 sat616-rhel9.xxx.xxx.xx.xx.com systemd[1]: Starting Foreman Proxy...
2024-04-11 02:17:42 [ERROR ] [configure] Apr 11 02:17:42 sat616-rhel9.xxx.xx.xx.xx.xx smart-proxy[27075]: Errors detected on startup, see log for details. Exiting: Could not parse PKey
2024-04-11 02:17:42 [ERROR ] [configure] Apr 11 02:17:42 sat616-rhel9.x.x.x.x.x systemd[1]: foreman-proxy.service: Main process exited, code=exited, status=1/FAILURE
2024-04-11 02:17:42 [ERROR ] [configure] Apr 11 02:17:42 sat616-rhel9.x.x.x.x.x systemd[1]: foreman-proxy.service: Failed with result 'exit-code'.
2024-04-11 02:17:42 [ERROR ] [configure] Apr 11 02:17:42 sat616-rhel9.x.x.x.x.com systemd[1]: Failed to start Foreman Proxy.
~~~

Checking the foreman-proxy log, it has:

~~~
2024-04-11T02:17:42 [E] Unable to load private SSL key. Are the values correct in settings.yml and do permissions allow reading?
2024-04-11T02:17:42 [W] Error details for Unable to load private SSL key. Are the values correct in settings.yml and do permissions allow reading?: <OpenSSL::PKey::PKeyError>: Could not parse PKey
/usr/share/foreman-proxy/lib/launcher.rb:106:in `read'
/usr/share/foreman-proxy/lib/launcher.rb:106:in `load_ssl_private_key'
/usr/share/foreman-proxy/lib/launcher.rb:96:in `https_app'
/usr/share/foreman-proxy/lib/launcher.rb:132:in `launch'
/usr/share/foreman-proxy/bin/smart-proxy:6:in `<main>'
2024-04-11T02:17:42 [E] Error during startup, terminating
2024-04-11T02:17:42 [W] Error details for Error during startup, terminating: <OpenSSL::PKey::PKeyError>: Could not parse PKey
~~~

The private key seems alright:

~~~
ls -lrt /etc/foreman-proxy
total 52
~~rw-r~~r-. 1 root root 0 Apr 3 12:57 migration_state
rr----. 1 root foreman-proxy 2529 Apr 11 02:08 ssl_ca.pem
rr----. 1 root foreman-proxy 2529 Apr 11 02:08 foreman_ssl_ca.pem
~~rw-r~~----. 1 root foreman-proxy 771 Apr 11 02:08 ansible.env
~~rw-r~~----. 1 root foreman-proxy 3438 Apr 11 02:08 settings.yml
rr----. 1 root foreman-proxy 3272 Apr 11 02:08 ssl_key.pem
rrr-. 1 root foreman-proxy 8477 Apr 11 02:08 ssl_cert.pem
rr----. 1 root foreman-proxy 3272 Apr 11 02:08 foreman_ssl_key.pem
rrr-. 1 root foreman-proxy 8483 Apr 11 02:08 foreman_ssl_cert.pem
drwxr-xr-x. 2 root root 4096 Apr 11 02:17 settings.d
~~~

Version-Release number of selected component (if applicable):

6.16

How reproducible:

Easy

Steps to Reproduce:

Install Satellite 6.16 on RHEL9 with FIPS enabled

Actual results:

The installer failed

Expected results:

the installer should complete successfully.

Additional info:

duplicates

SAT-24492 foreman-proxy service fails to start while configuring Red Hat Satellite 6.16 on a FIPS-enabled RHEL-9 system while executing the "satellite-installer --scenario satellite" command

Closed

Assignee:: RH Bugzilla Integration

Reporter:: RH Bugzilla Integration

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2024/04/11 7:04 AM

Updated:: 2024/07/01 7:34 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates