The software described in this documentation is either no longer supported or is in extended support.
Oracle recommends that you upgrade to a current supported release.
If the osa-dispatcher
service does not
start, you might see an error similar to the following if you
attempt to start the service manually with the
service osa-dispatcher start command (for
Oracle Linux 6) or the systemctl start
osa-dispatcher command (for Oracle Linux 7):
Starting osa-dispatcher: Spacewalk 10611 2015/05/26 17:11:22 +01:00: ('Traceback caught:',) Spacewalk 10611 2015/05/26 17:11:22 +01:00: ('Traceback (most recent call last):\n File "/usr/share/rhn/osad/jabber_lib.py", line 631, in connect\n ssl.do_handshake()\nError: [(\'SSL routines\', \'SSL3_GET_SERVER_CERTIFICATE\', \'certificate verify failed\')]\n',) [FAILED]
This error usually indicates that the system's host name does not match its FQDN in DNS, or that you specified an incorrect FQDN as the name of the Organization Unit when you installed Spacewalk.
To regenerate the SSL certificate, you can use the
spacewalk-hostname-rename command, which is
available in the spacewalk-utils
package.
If the host name has changed,
spacewalk-hostname-rename prompts you to
enter the same certificate password as you used when you
created the existing certificate. To verify that you know
the correct password before running
spacewalk-hostname-rename, use the
following command, which returns the base64-encoded private
key if the password is correct and an unable to
load Private Key
error otherwise:
#openssl rsa -in /root/ssl-build/RHN-ORG-PRIVATE-SSL-KEY
Enter pass phrase for /root/ssl-build/RHN-ORG-PRIVATE-SSL-KEY:writing RSA key -----BEGIN RSA PRIVATE KEY----- MIIEowIBAAKCAQEAvYQ/Enqo+T3WByuXiOQCpIh7eBFdqWt/e+cm3pfvGYBqi/1g ... +rEs1ZK2mCoofnPzg2o097oPj5v4IHYh8Bmlssbk9BHvQ2ZQckSA -----END RSA PRIVATE KEY-----
cert_passwd
Run spacewalk-hostname-rename, specifying the IP address and FQDN of the server as arguments to the command, for example:
# /usr/sbin/spacewalk-hostname-rename IP_address
--ssl-orgunit=FQDN
After regenerating the SSL certificate, stop the
jabberd
and
osa-dispatcher
services, clear the
jabberd
database, and restart the
jabberd
and
osa-dispatcher
services.
For Oracle Linux 6, enter:
#service jabberd stop
#service osa-dispatcher stop
#rm -Rf /var/lib/jabberd/db/*
#service jabberd start
#service osa-dispatcher start
For Oracle Linux 7, enter:
#systemctl stop jabberd
#systemctl stop osa-dispatcher
#rm -Rf /var/lib/jabberd/db/*
#systemctl start jabberd
#systemctl start osa-dispatcher
On every client registered to the server, verify that the
value of serverURL
in
/etc/sysconfig/rhn/up2date
is configured
with the correct server host name or IP value, for example:
serverURL=https://swksvr.mydom.com/XMLRPC