Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Major
Fix Version/s: 6.17.1
Affects Version/s: 6.17.0
Component/s: RH Cloud
Labels:

Story Points:
2
Target Version:

6.17.1
Blocked:
False
Fixed in Build:
foreman_rh_cloud-11.4.1
Severity:
Important

Release Note Type:
None
Release Note Text:
None
Release Note Status:
None

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Test Coverage:
None

Market:

Description of problem:

Clients attempting to register with insights-client when the local iop-advisor-engine is enabled will fail. This happens when a Satellite is configured with custom certificates.

How reproducible:

Always

Is this issue a regression from an earlier version:

Steps to Reproduce:

1. Install satellite with custom certificates

2. Pull down iop-advisor-engine from stage to Satellite

3. Enable `foreman-installer --foreman-plugin-rh-cloud-enable-iop-advisor-engine true`

Actual behavior:
The insights-client will throw the error:

Unable to fetch egg url https://satellite.fbd8t.sandbox3988.opentlc.com:443/redhat_access/r/insights/platform/module-update-router/v1/channel?module=insights-core: 502: Bad Gateway. Defaulting to /release
Machine-id found, insights-client can not be registered. Please, unregister insights-client first: `insights-client --unregister`

The following is seen in the production.log file:

2025-04-02T14:35:38 [I|app|3f5ecf58] Completed 502 Bad Gateway in 38ms (Views: 0.2ms | ActiveRecord: 3.8ms | Allocations: 21055)
2025-04-02T14:35:38 [I|app|6f1bfa3d] Started GET "/redhat_access/r/insights/v1/static/release/insights-core.el9.egg" for 18.223.171.62 at 2025-04-02 14:35:38 +0000
2025-04-02T14:35:38 [I|app|6f1bfa3d] Processing by InsightsCloud::Api::MachineTelemetriesController#forward_request as */*
2025-04-02T14:35:38 [I|app|6f1bfa3d]   Parameters: {"path"=>"v1/static/release/insights-core.el9"}
2025-04-02T14:35:38 [I|app|6f1bfa3d] Forwarding request failed with exception: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)
2025-04-02T14:35:38 [I|app|6f1bfa3d] Completed 502 Bad Gateway in 24ms (Views: 0.1ms | ActiveRecord: 2.3ms | Allocations: 11441)
2025-04-02T14:35:39 [I|app|73d59d57] Started GET "/redhat_access/r/insights/v1/branch_info" for 18.223.171.62 at 2025-04-02 14:35:39 +0000
2025-04-02T14:35:39 [I|app|73d59d57] Processing by InsightsCloud::Api::MachineTelemetriesController#branch_info as JSON
2025-04-02T14:35:39 [I|app|73d59d57] Completed 200 OK in 14ms (Views: 0.1ms | ActiveRecord: 3.0ms | Allocations: 6769)
2025-04-02T14:35:40 [I|app|f0ff3bec] Started GET "/redhat_access/r/insights/v1/systems/30e1417b-0adc-448f-9fc7-47e1b78810f8" for 18.223.171.62 at 2025-04-02 14:35:40 +0000
2025-04-02T14:35:40 [I|app|f0ff3bec] Processing by InsightsCloud::Api::MachineTelemetriesController#forward_request as JSON
2025-04-02T14:35:40 [I|app|f0ff3bec]   Parameters: {"path"=>"v1/systems/30e1417b-0adc-448f-9fc7-47e1b78810f8"}
2025-04-02T14:35:40 [I|app|f0ff3bec] Forwarding request failed with exception: SSL_connect returned=1 errno=0 state=error: certificate verify failed (unable to get local issuer certificate)
2025-04-02T14:35:40 [I|app|f0ff3bec] Completed 502 Bad Gateway in 47ms (Views: 0.2ms | ActiveRecord: 4.8ms | Allocations: 23988)

Expected behavior:
insights-client should behave normally

Business Impact / Additional info:

depends on

SAT-32482 Explicitly include CA file when making calls to advisor engine by ehelms · Pull Request #971 · theforeman/foreman_rh_cloud · GitHub

Closed

links to

RHSA-2025:150804 Satellite 6.17.1 Async Update

Assignee:: Eric Helms

Reporter:: Eric Helms

QA Contact:: Tasos Papaioannou

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2025/05/20 2:30 PM

Updated:: 2025/08/08 11:23 AM

Resolved:: 2025/06/12 2:50 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates