How to test CDN scanning performed by Satellite6?

Solution Verified - Updated

Environment

  • Red Hat Satellite 6

Issue

  • Attempting to scan Red Hat repositories in Satellite6, it fails or lists no repository. Satellite manifest has been refreshed.

  • How to mimic the CDN scan from command line, to narrow down the problem?

Resolution

In the below example, customize SKU name and URI path to scan (RHEL8 base path used here). First generate the CDN certificates:

SKU="MCT3718"
for what in cert privatekey; do
  su - postgres -c "psql candlepin -c \"COPY (SELECT cert.${what} FROM cp_certificate AS cert INNER JOIN cp_pool AS pool ON pool.certificate_id = cert.id INNER JOIN cp2_products AS product ON product.uuid = pool.product_uuid WHERE product.product_id = '$SKU' LIMIT 1) TO STDOUT;\"" | xxd -r -p > cdn.${SKU}.${what}.pem
  done
done

Now, mimic the CDN scan:

curl -vv --cacert /etc/rhsm/ca/redhat-uep.pem --cert cdn.${SKU}.cert.pem --key cdn.${SKU}.privatekey.pem https://cdn.redhat.com:443/content/dist/rhel8/listing

In case a HTTP proxy is used, double-check which one (in WebUI: Administer -> Settings -> Content -> "Default HTTP Proxy", then Infrastructure -> HTTP Proxies -> select the proxy -> copy Url), and add "--proxy " option to the curl command, like:

curl -vv --proxy http://MY.SQUID.PROXY:8080 --cacert /etc/rhsm/ca/redhat-uep.pem --cert cdn.${SKU}.cert.pem --key cdn.${SKU}.privatekey.pem https://cdn.redhat.com:443/content/dist/rhel8/listing
SBR
Product(s)
Components
Category

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.