ISSUE: The system is unable to register with Redhat network (RHN).
SYSTEM DETAILS: RHEL6 (2.6.32-131.2.1.el6.x86_64). The firewall is turned off. I have network connectivity. There is no GUI. All work is done from the command line.
The following files are installed:
rhn-check-1.0.0-61.el6.noarch.rpm
rhn-client-tools-1.0.0-61.el6.noarch.rpm
rhn-setup-1.0.0-61.el6.noarch.rpm
yum-rhn-plugin-0.9.1-26.el6.noarch.rpm
BACKGROUND: I submitted a Redhat ticket but after many conversations with them that did not help. They recommended rebuilding the entire system. However, I have spent a considerable amount of time securing the system using the NSA security guidelines and subsequently do not want to rebuild . . . unless absolutely necessary.
This is the command I used to begin the registration process:
#> rhn_register
When connecting via HTTP, http://xmlrpc.rhn.redhat.com/XMLRPC, using the rhn_register command I am getting the following error in /var/log/up2date:
Traceback (most recent call last):
File "/usr/sbin/rhn_register", line 76, in <module>
app.run()
File "/usr/share/rhn/up2date_client/rhncli.py", line 74, in run
sys.exit(self.main() or 0)
File "/usr/sbin/rhn_register", line 58, in main
ui.main()
File "/usr/share/rhn/up2date_client/tui.py", line 1272, in main
tui.run()
File "/usr/share/rhn/up2date_client/tui.py", line 1230, in run
result = win.run()
File "/usr/share/rhn/up2date_client/tui.py", line 235, in run
tui_call_wrapper(self.screen, rhnreg.getCaps)
File "/usr/share/rhn/up2date_client/tui.py", line 81, in tui_call_wrapper
results = func(*params)
File "/usr/share/rhn/up2date_client/rhnreg.py", line 246, in getCaps
s.capabilities.validate()
File "/usr/share/rhn/up2date_client/rhnserver.py", line 156, in __get_capabilities
self.registration.welcome_message()
File "/usr/share/rhn/up2date_client/rhnserver.py", line 50, in __call__
return rpcServer.doCall(method, *args, **kwargs)
File "/usr/share/rhn/up2date_client/rpcServer.py", line 206, in doCall
ret = method(*args, **kwargs)
File "/usr/lib64/python2.6/xmlrpclib.py", line 1199, in __call__
return self.__send(self.__name, args)
File "/usr/share/rhn/up2date_client/rpcServer.py", line 39, in _request1
ret = self._request(methodname, params)
File "/usr/lib/python2.6/site-packages/rhn/rpclib.py", line 383, in _request
self._handler, request, verbose=self._verbose)
File "/usr/lib/python2.6/site-packages/rhn/transports.py", line 188, in request
return self._process_response(fd, connection)
File "/usr/lib/python2.6/site-packages/rhn/transports.py", line 216, in _process_response
return self.parse_response(fd)
File "/usr/lib/python2.6/site-packages/rhn/transports.py", line 236, in parse_response
p.feed(response)
File "/usr/lib64/python2.6/xmlrpclib.py", line 601, in feed
self._parser.Parse(data, 0)
<class 'xml.parsers.expat.ExpatError'>: not well-formed (invalid token): line 1, column 125
When connecting via HTTPS, https://xmlrpc.rhn.redhat.com/XMLRPC, I receive the following error:
Traceback (most recent call last):
File "/usr/sbin/rhn_register", line 76, in <module>
app.run()
File "/usr/share/rhn/up2date_client/rhncli.py", line 74, in run
sys.exit(self.main() or 0)
File "/usr/sbin/rhn_register", line 58, in main
ui.main()
File "/usr/share/rhn/up2date_client/tui.py", line 1272, in main
tui.run()
File "/usr/share/rhn/up2date_client/tui.py", line 1230, in run
result = win.run()
File "/usr/share/rhn/up2date_client/tui.py", line 235, in run
tui_call_wrapper(self.screen, rhnreg.getCaps)
File "/usr/share/rhn/up2date_client/tui.py", line 85, in tui_call_wrapper
FatalErrorWindow(screen, e.errmsg)
<type 'exceptions.AttributeError'>: 'SSLCertificateVerifyFailedError' object has no attribute 'errmsg'
ADDITONAL INFO:
Permissions for /usr/share/rhn/RHNS-CA-CERT:
-rw-r--r--. 1 root root 8865 Apr 8 2010 /usr/share/rhn/RHNS-CA-CERT
/etc/sysconfig/rhn/up2date file (of course I change the comments around when trying to connect to http or https, see below):
# Automatically generated Red Hat Update Agent config file, do not edit.
# Format: 1.0
tmpDir[comment]=Use this Directory to place the temporary transport files
tmpDir=/tmp
disallowConfChanges[comment]=Config options that can not be overwritten by a config update action
disallowConfChanges=noReboot;sslCACert;useNoSSLForPackages;noSSLServerURL;serverURL;disallowConfChanges;
skipNetwork[comment]=Skips network information in hardware profile sync during registration.
skipNetwork=0
networkRetries[comment]=Number of attempts to make at network connections before giving up
networkRetries=1
hostedWhitelist[comment]=RHN Hosted URL's
hostedWhitelist=
enableProxy[comment]=Use a HTTP Proxy
enableProxy=0
writeChangesToLog[comment]=Log to /var/log/up2date which packages has been added and removed
writeChangesToLog=0
serverURL[comment]=Remote server URL
#serverURL=https://xmlrpc.rhn.redhat.com/XMLRPC
serverURL=http://xmlrpc.rhn.redhat.com/XMLRPC
useNoSSLForPackages=1
proxyPassword[comment]=The password to use for an authenticated proxy
proxyPassword=
proxyUser[comment]=The username for an authenticated proxy
proxyUser=
versionOverride[comment]=Override the automatically determined system version
versionOverride=
sslCACert[comment]=The CA cert used to verify the ssl server
sslCACert=/usr/share/rhn/RHNS-CA-CERT
retrieveOnly[comment]=Retrieve packages only
retrieveOnly=0
debug[comment]=Whether or not debugging is enabled
debug=0
httpProxy[comment]=HTTP proxy in host:port format, e.g. squid.redhat.com:3128
httpProxy=
systemIdPath[comment]=Location of system id
systemIdPath=/etc/sysconfig/rhn/systemid
enableProxyAuth[comment]=To use an authenticated proxy or not
enableProxyAuth=0
noReboot[comment]=Disable the reboot actions
noReboot=0