SMT is unable to communicate with Novell through proxy server

  • 7006943
  • 28-Sep-2010
  • 27-Apr-2012

Environment


Subscription Management Tool (SMT) for SUSE Linux Enterprise 10
Subscription Management Tool (SMT) for SUSE Linux Enterprise 11
SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Server 11
3rd-party Proxy device

Situation

Symptoms:
The Subscription Management Tool (SMT) is configured to use a proxy configuration. When it is set to bypass the proxy server, or is set to go out through a non-ssl connection, SMT connects to Novell correctly. However, when SMT
is set to go through the proxy over SSL, the following errors are recorded:

"Failed to download  https:  secure-www.novell.com center regsvc ?
command=listregistrations&lang=en-US&version=1.0
List registrations request failed.
Flagged Catalogs which can be mirrored
Failed to download  https:  nu.novell.com   repo repoindex.xml
File not found  tmp ZYNak7rFnt  repo repoindex.xml

The 3rd-party proxy is using a self-signed certificate. LAN traces taken shows the client responding by saying "Unknown CA", which prevents the connection from being established. The certificate had been copied to the SMT server.

Resolution

On the server hosting SMT:
1. Verify the certificate was copied to /etc/ssl/certs
2. From the console prompt, su to the server. Run the command c_rehash /etc/ssl/certs/

Additional Information

While the client did successfully export the certificate from the proxy server, and had copied it to the correct location, the c_refresh command had  not been executed.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.