How to check Custom SSL certificate information after Satellite 6.x is installed?
Environment
- Red Hat Satellite 6.x
Issue
- Is there any way to check the contents of custom SSL certificates installed in Satellite 6.x?
- Which file stores the location or information of custom SSL certificates installed?
- How do I find out if my Satellite is using custom certificates?
- What does my satellite custom certificates look like?
- Where is the CA cert that signed my Satellite's custom certificates?
Resolution
-
To check the Custom (a.k.a. Third party) SSL certificates Location and path from configuration:
# cat /etc/foreman-installer/scenarios.d/satellite-answers.yaml |grep -iE 'server_key|server_cert_req|server_ca_cert|server_cert' -
To check the installed Custom aka Third-party SSL certificates information on the satellite server :
# openssl crl2pkcs7 -nocrl -certfile /etc/pki/katello/certs/katello-apache.crt | openssl pkcs7 -text -print_certs |egrep '(Issuer:|Subject:|CA:|DNS:|Digital|Not Before|Not After|keyid|serial:|TLS)' # openssl crl2pkcs7 -nocrl -certfile /etc/foreman-proxy/foreman_ssl_ca.pem | openssl pkcs7 -text -print_certs |egrep '(Issuer:|Subject:|CA:|DNS:|Digital|Not Before|Not After|keyid|serial:|TLS)' # openssl crl2pkcs7 -nocrl -certfile /etc/foreman-proxy/ssl_cert.pem | openssl pkcs7 -text -print_certs |egrep '(Issuer:|Subject:|CA:|DNS:|Digital|Not Before|Not After|keyid|serial:|TLS)'
- For more KB articles/solutions related to Red Hat Satellite 6.x SSL Certificates Issues, please refer to the Consolidated Troubleshooting Article for Red Hat Satellite 6.x SSL Certificates Issues
SBR
Product(s)
Category
Tags
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.