[Satellite6] How to force installer to generate new katello-ca-consumer-latest package (bootstrap RPM)?

Solution Verified - Updated 2 Aug 2024

Environment

Red Hat Satellite 6

Issue

Current katello-ca-consumer-latest package that Satellite or Capsule offers to clients is wrong/damaged/malformed
How to enforce installer to generate a new one?
IMPORTANT NOTE: Regenerating the bootstrap RPM is not necessary when replacing the server certificate, such as when the server certificate is nearing expiry, as long as the CA certificate remains the same.

Resolution

Until 6.8

First, check if the wrong package is not due to this sorting problem.

Any change (i.e. in SSL certificates used) that would cause modification of the package would trigger satellite-installer / capsule-installer to generate a new version of the package. In case one has to manually force the package generation (new version of it), one can remove /var/www/html/pub/katello-server-ca.crt and /var/www/html/pub/katello-rhsm-consumer, followed by a run of the installer:

## remove related files
# rm -f /var/www/html/pub/katello-server-ca.crt /var/www/html/pub/katello-rhsm-consumer

## run the installer
# satellite-installer

After 6.9

The conditions under which a new RPM will get generated are:

User deletes the current bootstrap RPM from /var/www/html/pub
A new server CA certificate is presented to the installer
The FQDN of the server changes and the installer is run

For more KB articles/solutions related to Red Hat Satellite 6.x SSL Certificates Issues, please refer to the Consolidated Troubleshooting Article for Red Hat Satellite 6.x SSL Certificates Issues

Root Cause

With Satellite 6.9+, change of server CA certificate, server FQDN, or removal of bootstrap RPM from /var/ww/html/pub will cause the satellite-installer to automatically generate the new bootstrap RPM with the necessary updates.

Regenerating the bootstrap RPM should not be necessary if only the server certificate, but not the server CA certificate, has changed.

Diagnostic Steps

Satellite-installer code to (re)generate the bootstrap RPM we re-written for Satellite 6.9+. See the comment from satellite-installer developers on this This content is not included.Bugzilla for details.

SBR

SysMgmt

Product(s)

Red Hat Satellite

Category

Learn more

Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.