Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set up certificates for Candlepin/Qpid integration. #21

Merged
merged 2 commits into from Jul 1, 2014
Merged

Set up certificates for Candlepin/Qpid integration. #21

merged 2 commits into from Jul 1, 2014

Conversation

awood
Copy link
Contributor

@awood awood commented Jun 26, 2014

Refs #6418

ehelms
ehelms reviewed Jun 30, 2014
View reviewed changes
manifests/candlepin.pp
notify => Service['qpidd'],
} ~>
file { $amqp_store_dir:
ensure => directory,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can include owner/group/mode for this file?

@ehelms
Copy link
Member

ehelms commented Jun 30, 2014

Bringing together all of the updates you've made, I get the following:

vagrant up centos

[DEBUG 2014-06-30 20:14:18 main]  Executing 'keytool -import -v -keystore /etc/candlepin/certs/amqp/truststore -storepass:file /etc/pki/katello/keystore_password-file -alias  -file /etc/pki/katello/certs/katello-ca-stripped.crt -noprompt'
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns: Illegal option:  /etc/pki/katello/certs/katello-ca-stripped.crt
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns: keytool -importcert [OPTION]...
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns: Imports a certificate or a certificate chain
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns: Options:
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -noprompt                       do not prompt
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -trustcacerts                   trust certificates from cacerts
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -protected                      password through protected mechanism
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -alias <alias>                  alias name of the entry to process
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -file <filename>                input file name
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -keypass <arg>                  key password
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -keystore <keystore>            keystore name
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -storepass <arg>                keystore password
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -storetype <storetype>          keystore type
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -providername <providername>    provider name
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -providerclass <providerclass>  provider class name
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -providerarg <arg>              provider argument
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -providerpath <pathlist>        provider classpath
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:  -v                              verbose output
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns:
[ WARN 2014-06-30 20:14:19 main]  /Stage[main]/Certs::Candlepin/Exec[candlepin-import the CA certificate in to the trust store]/returns: Use "keytool -help" for all available commands
[ERROR 2014-06-30 20:14:19 main]  keytool -import -v -keystore /etc/candlepin/certs/amqp/truststore -storepass:file /etc/pki/katello/keystore_password-file -alias  -file /etc/pki/katello/certs/katello-ca-stripped.crt -noprompt returned 1 instead of one of [0]
[ INFO 2014-06-30 20:14:19 main] /usr/lib/ruby/site_ruby/1.8/puppet/util/errors.rb:104:in `fail'

@awood
Refs #6418 - Minor fixes to Candlepin Qpid configuration.
0019f01 
- Add mode, owner, and group to AMQP cert directory.
- Properly reference default_ca_name variable
- Shorten exec type names
@ehelms
Copy link
Member

ehelms commented Jul 1, 2014

ACK. Thanks @awood

ehelms added a commit that referenced this pull request Jul 1, 2014
@ehelms
Merge pull request #21 from awood/master
f2cfd65 
Set up certificates for Candlepin/Qpid integration.
@ehelms ehelms merged commit f2cfd65 into theforeman:master Jul 1, 2014
@mmoll
Copy link
Contributor

mmoll commented Jul 5, 2014

The syntax used here is not supported by the keytool version of java-1.6.0-openjdk. If I install java-1.7.0-openjdk before running katello-deploy/setup.rb, it works.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@awood @ehelms @mmoll