The execution of satellite-installer command failed with an error asn1 encoding routines:ASN1_mbstring_ncopy:string too long.

Solution Verified - Updated 3 Jun 2024

Environment

Red Hat Satellite 6

Issue

Unable to run satellite-installer command successfully on Red Hat Satellite server as the installer is failing with below error:

problems making Certificate Request
140099632740160:error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long:crypto/asn1/a_mbstr.c:107:maxsize=64

Resolution

Make sure the Fully Qualified Domain Name (FQDN) of the Red Hat Satellite server is less than 64 characters.
Open a This content is not included.support case with Red Hat Technical Support Team if the issue persists after changing the hostname of the Red Hat Satellite server.

For more KB articles/solutions related to Red Hat Satellite 6.x Installation/Upgrade/Update Issues, please refer to the Red Hat Satellite Consolidated Troubleshooting Article for Red Hat Satellite 6.x Installation/Upgrade/Update Issues.

Root Cause

The character limit for Red Hat Satellite server FQDN is set 64.

Diagnostic Steps

Check the character count of the FQDN of the Red Hat Satellite server using below command:
```
# hostname -f | wc -c
```

Below logs are generated in /var/log/foreman-installer/satellite.log file upon the execution of satellite-installer command.

   Execution of '/bin/katello-ssl-tool --gen-ca --dir /root/ssl-build -p file:/etc/pki/katello/private/katello-default-ca.pwd --force --ca-cert-dir /etc/pki/katello-certs-tools/certs --set-common-name satellite.example.com --ca-cert katello-default-ca.crt --ca-key katello-default-ca.key --ca-cert-rpm katello-default-ca --set-country XX --set-state XXXX --set-city XXXX --set-org Katello --set-org-unit SomeOrgUnit --set-email  --cert-expiration 36500' returned 11: ERROR: Certificate Authority public SSL certificate generation failed:
   problems making Certificate Request
140099632740160:error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long:crypto/asn1/a_mbstr.c:107:maxsize=64
Generating private CA key: "********"
Generating public CA certificate: /root/ssl-build/katello-default-ca.crt
Using distinguishing variables:
--set-country      = "XX"
--set-state        = "XXXX"
--set-city         = "XXXX"
--set-org          = "Katello"
--set-org-unit     = "SomeOrgUnit"
--set-common-name  = "satellite.example.com"
--set-email        = ""
Could not set 'present' on ensure: No such file or directory @ rb_sysopen - /root/ssl-build/katello-default-ca.crt (file: /usr/share/foreman-installer/modules/certs/manifests/ca.pp, line: 59)
Could not set 'present' on ensure: No such file or directory @ rb_sysopen - /root/ssl-build/katello-default-ca.crt (file: /usr/share/foreman-installer/modules/certs/manifests/ca.pp, line: 59)
Wrapped exception:
No such file or directory @ rb_sysopen - /root/ssl-build/katello-default-ca.crt
/Stage[main]/Certs::Ca/Ca[katello-server-ca]/ensure: change from 'absent' to 'present' failed: Could not set 'present' on ensure: No such file or directory @ rb_sysopen - /root/ssl-build/katello-default-ca.crt (file: /usr/share/foreman-installer/modules/certs/manifests/ca.pp, line: 59)
/Stage[main]/Certs::Ca/File[/etc/pki/katello/certs/katello-default-ca.crt]: Could not evaluate: Could not retrieve information from environment production source(s) file:///root/ssl-build/katello-default-ca.crt
/Stage[main]/Certs::Ca/File[/etc/pki/katello/certs/katello-server-ca.crt]: Could not evaluate: Could not retrieve information from environment production source(s) file:///root/ssl-build/katello-server-ca.crt

SBR

SysMgmt

Product(s)

Red Hat Satellite

Category

Troubleshoot

Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.