RHN Proxy Server 2.1: Installation Guide
Previous Appendix F. Quick Start Guide for Manual Installation and Configuration Next

F.7. Test RHN Proxy Server with SSL

RHN Proxy Server should now be completely configured; you must now copy the appropriate certificates to the client and test RHN Proxy Server over SSL.

Note Note
 

You must use version 2.7.11 or higher of rhn_register on client systems running Red Hat Linux 7.2 or earlier so they can recognize new certificates. This RPM should be available in /var/spool/up2date on your proxy system after you run up2date for the proxy. Systems running Red Hat Linux 8.0 and later have this functionality built into the Red Hat Update Agent.

  • Install the previously created rhns-ca-cert package on the client systems.

  • Reconfigure the client configuration files /etc/sysconfig/rhn/rhn_register and /etc/sysconfig/rhn/up2date by changing http to https on the following line in each file:

    serverURL=https://your_rhn_proxy_server.com/XMLRPC
    
  • Edit (or add if not present) the sslCACert line in /etc/sysconfig/rhn/up2date, changing the path to the new certificate authority file:

    sslCACert[comment]=The location of the SSL CA certificate.
    sslCACert=/usr/share/rhn/RHNS-CORP-CA-CERT
  • Run up2date -l from the client. It should return successfully with no errors, indicating that your proxy is fully functional with SSL.

Previous Home Next
Configure SSL Up Manual Installation and Configuration