3.3. Deploying the CA SSL Public Certificate to Clients
Both the RHN Proxy Server and RHN Satellite Server installation processes make client deployment relatively easy by generating a CA SSL public certificate and RPM. These installation processes make those publicly available by placing a copy of one or both into the
/var/www/html/pub/
directory of the RHN Server.
This public directory can be inspected easily by simply browsing to it via any web browser: http://proxy-or-sat.example.com/pub/.
The CA SSL public certificate in that directory can be downloaded to a client system using
wget
or curl
. For example:
curl -O http://proxy-or-sat.example.com/pub/RHN-ORG-TRUSTED-SSL-CERT wget http://proxy-or-sat.example.com/pub/RHN-ORG-TRUSTED-SSL-CERT
Alternatively, if the CA SSL public certificate RPM resides in the
/pub
directory, it can be installed on a client system directly:
rpm -Uvh \ http://proxy-or-sat.example.com/pub/rhn-org-trusted-ssl-cert-VER-REL.noarch.rpm
Confirm the actual name of the certificate or RPM before running these commands.