![]() +++ /tmp/puppet-file20170502-25928-101m16o 09:30:58.026811503 -3,7 +3,9 CHANGES WILL LIKELY BE OVERWRITTEN.Ĭan a broader URL scope (Location) that includes the login URL be applied or alternatively find another solution.Ĭustomer got it working by changing these lines in /etc/httpd/conf.d/05-foreman-ssl.d/katello. This change in nf breaks the method of how we log in to the Satellite WEB-UI using our smart cards. We have located the source to our problem in /etc/httpd/conf.d/05-foreman-ssl.d/nfīugZilla 1367162 limits the URL scope of how the Apache webserver handles a SSL username supplied from the client. ![]() We can no longer log in to the Satellite WEB-UI using Single Sign On with our smart cards. I'm still seeing this on Satellite 6.3.0 SNAP 5.0:Īfter updating Satellite from 6.2.8 to 6.2.9. This spamming of the logs is low severity, but can be misleading to the user and make actual errors less easily noticeable. SetEnvIf SSL_CLIENT_CERT "^.*" client_cert_present=1 # a reverse proxy may already be sending the cert through this header # if ssl_client_certa is present set the header, otherwise don't override # WARNING: THIS CONFIGURATION WAS GENERATED BY KATELLO-CONFIGURE TOOL, etc/httpd/conf.d/05-foreman-ssl.d/nf sets "SSLUsername SSL_CLIENT_S_DN_CN" regardless of the Location, so it tries to read a client certificate's CN even for web browser access, which leads to this repeated warn-level logging. It can be integrated with business mail to track the status of individual logged bugs. No warnings if client certificate is not used for the given url. 'Bugzilla one of the best tools to log bugs' Overall : Bugzilla is a free and open-source tool suitable for small and large projects. # grep -v AH02227 /var/log/httpd/foreman-ssl_error_ssl.log 1 root root 78672 Aug 15 12:48 /var/log/httpd/foreman-ssl_error_ssl.log # ll /var/log/httpd/foreman-ssl_error_ssl.log* Repeated "AH02227: Failed to set r->user to 'SSL_CLIENT_S_DN_CN'" warnings spamming the httpd logs: Version-Release number of selected component (if applicable):įoreman-installer-1.11.0.ġ.) After navigating to any page in the web UI, view /var/log/httpd/foreman-ssl_error_ssl.log AH02227: Failed to set r->user to 'SSL_CLIENT_S_DN_CN', referer: Please complete your transactions and log out to avoid loss of. => /var/log/httpd/foreman-ssl_error_ssl.log user to 'SSL_CLIENT_S_DN_CN', referer: The KISTERS Bugzilla database will be backed up from 01:00h to 01:30h Europe/Berlin time. Any web UI page loads generate warnings like the following:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |