This repository has been archived by the owner on Oct 9, 2018. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fixes #7632, #7637: Adding FAQ and Debug certificate sections.
- Loading branch information
Showing
16 changed files
with
204 additions
and
103 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
<nav class="context-nav"> | ||
{% for page in site.pages %} | ||
{% if page.path contains "troubleshooting" %} | ||
<ul> | ||
<li class="nav-item"> | ||
<a href="{{ site.base_url }}{{ page.url }}">{{ page.title }}</a> | ||
</li> | ||
</ul> | ||
{% endif %} | ||
{% endfor %} | ||
</nav> |
This file was deleted.
Oops, something went wrong.
File renamed without changes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,54 @@ | ||
--- | ||
layout: documentation | ||
title: Debug Certificate | ||
sidebar: sidebars/troubleshooting.html | ||
--- | ||
|
||
# Debug Certificate | ||
|
||
Debug certificates (also called Ueber Certificates) can be used to unlock all the content for a given Organization. These are meant to be used by sysadmins who are debugging issues with the Katello install. | ||
|
||
## Generating a Debug Certificate | ||
|
||
To generate a debug certificate for a given Organization from the UI, navigate to the organizations page and click on the organization for which you want a debug certificate. Click on the button to generate and download the certificate as highlighted below: | ||
|
||
![Generate Debug Certificate](./debug_certificate.png) | ||
|
||
To generate a debug certificate using the API, see [Debug Certificate API](http://www.katello.org/docs/api/apidoc/organizations.html#description-download_debug_certificate). | ||
|
||
In either case, you will get the Private Key and Certificate returned to you in a format such as : | ||
|
||
``` | ||
Key: -----BEGIN RSA PRIVATE KEY----- | ||
<<<<DER ENCODED TEXT>>>> | ||
-----END RSA PRIVATE KEY----- | ||
Cert: -----BEGIN CERTIFICATE----- | ||
<<<<DER ENCODED TEXT>>>> | ||
-----END CERTIFICATE----- | ||
``` | ||
|
||
## Using Firefox to browse content | ||
|
||
If you wish to use the certificate to browse content via Firefox, do the following: | ||
|
||
1. Copy the output of the above command from {{{-----BEGIN RSA PRIVATE KEY-----}}} to {{{-----END RSA PRIVATE KEY-----}}} inclusive to a file called key.pem | ||
1. Copy the output of the above command from {{{-----BEGIN CERTIFICATE-----}}} to {{{-----END CERTIFICATE-----}}} inclusive to a file called cert.pem | ||
1. Run the following command to create a pkcs12 file: | ||
``` | ||
openssl pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in cert.pem -inkey key.pem -out [NAME].pfx -name [NAME] | ||
``` | ||
1. Provide a password when prompted. | ||
1. Using the preferences tab, import the resulting pfx file into your browser (Edit->Preferences->Advanced Tab -> View Certificates -> Import) | ||
1. On the Katello server, edit the /etc/httpd/conf.d/pulp.conf file. Add the following line in the {{{<Directory /var/www/pub/repos>}}} Stanza: | ||
``` | ||
Options +Indexes | ||
``` | ||
1. Restart Apache on the server. | ||
1. Point your browser at http://[FQDN]/pulp/repos/[ORG_NAME] | ||
|
||
To use curl to access the repository, you can provide --cert and --key options. Provided the cert is in {{{~/cert.pem}}} and key in {{{~/key.cert}}}, the following command will let you access any repository data in the organization. To check the access to a repository, checking the availability of repodata/repomd.xml is usually a good idea (make sure key.pem and cert.pem are '''absolute paths''' otherwise it silently fails): | ||
|
||
``` | ||
curl -k --cert ~/cert.pem --key ~/key.pem https://katello.example.com/pulp/repos/test/Dev/custom/zoo/base-two/repodata/repomd.xml | ||
``` |
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
File renamed without changes
File renamed without changes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
--- | ||
layout: documentation | ||
title: FAQ | ||
sidebar: sidebars/troubleshooting.html | ||
--- | ||
|
||
# Frequently Asked Questions | ||
|
||
### How can I sync a repository like Katello does directly from the console? | ||
|
||
Sometimes you want to debug why a synchronization of a repository from Katello is failing and rather than dig through log files and error messages it can often be easier to try to sync the repo with the ''grinder'' tool which is what Katello uses to download repositories. The tool can be ran from a terminal on your Katello server: | ||
|
||
``` | ||
$ grinder yum --label=sync-test --url=http://fedorapeople.org/groups/katello/releases/yum/1.0/RHEL/6Server/x86_64/ | ||
grinder.RepoFetch: INFO fetchYumRepo() repo_label = sync-test, repo_url = | ||
http://fedorapeople.org/groups/katello/releases/yum/1.0/RHEL/6Server/x86_64/, basepath = ./, verify_options = {} | ||
grinder.RepoFetch: INFO sync-test, http://fedorapeople.org/groups/katello/releases/yum/1.0/RHEL/6Server/x86_64/, | ||
Calling RepoFetch with: cacert=<None>, clicert=<None>, clikey=<None>, proxy_url=<None>, proxy_port=<3128>, proxy_user=<None>, | ||
proxy_pass=<NOT_LOGGED>, sslverify=<1>, max_speed=<None>, verify_options=<{}>, filter=<None> | ||
.... | ||
grinder.ParallelFetch: INFO 5 threads are active. 8 items left to be fetched | ||
grinder.ParallelFetch: INFO 4 threads are active. 4 items left to be fetched | ||
grinder.ParallelFetch: INFO WorkerThread deleting ActiveObject | ||
grinder.ParallelFetch: INFO Thread ending | ||
grinder.ParallelFetch: INFO 3 threads are active. 3 items left to be fetched | ||
grinder.ParallelFetch: INFO WorkerThread deleting ActiveObject | ||
grinder.ParallelFetch: INFO Thread ending | ||
``` | ||
|
||
You now have a directory called sync-test off of your current working directory: | ||
|
||
``` | ||
$ ls sync-test/ | ||
converge-ui-devel-0.8.3-1.el6.noarch.rpm | ||
elasticsearch-0.18.4-13.el6.noarch.rpm | ||
katello-1.0.6-1.el6.noarch.rpm | ||
katello-agent-1.0.6-1.el6.noarch.rpm | ||
katello-all-1.0.6-1.el6.noarch.rpm | ||
katello-certs-tools-1.1.7-1.el6.noarch.rpm | ||
lucene3-contrib-3.4.0-2.el6.noarch.rpm | ||
repodata | ||
rubygem-actionmailer-3.0.10-3.el6.noarch.rpm | ||
... | ||
``` |
Oops, something went wrong.