Installation guide
# service httpd restart
4.3. Deploying the CA SSL Public Certificate to Clients
The Red Hat Satellite Proxy Server and Red Hat Satellite Server installation processes generate a CA
SSL public certificate and package it in an RPM file. These installation processes make the certificate
and RPM file publicly available by placing a copy of one or both into the /var/www/htm l/pub/ directory
of the Satellite or Proxy Server.
You can use your web browser to inspect the contents of this directory: http://proxy-or-
sat.example.com/pub/. You can use the wget or curl commands to download the CA SSL public
certificate to a client system.
Important
Confirm the name of the certificate or RPM file before running any of these commands.
# curl -O http://proxy-or-sat.example.com/pub/RHN-ORG-TRUSTED-SSL-CER T
# wget http://proxy-or-sat.example.com/pub/RHN-O RG -TRUSTED-SSL-CERT
Alternatively, if the CA SSL public certificate RPM file exists in the /pub directory, you can use the rpm
command to install the package. For example:
# rpm -Uvh http://proxy-or-sat.example.com/pub/rhn-org-trusted-ssl-cert-VER-
REL.noarch.rpm
4.4. Configuring Client Systems to Use Certificates
After you have deployed the RPM file or the certificate to a client system, you need to edit the
configuration files of the Red Hat Update Agent and the Red Hat Satellite Registration Client (if
necessary) to use the new CA SSL public certificate file. You also need to update the configuration so
that it connects to the appropriate Red Hat Proxy Server or Red Hat Satellite Server. The generally
accepted location for that CA SSL public certificate is in the /usr/share/rhn directory.
The Red Hat Proxy Server and Red Hat Satellite Server both have Red Hat Satellite Bootst rap
installed by default, which can greatly reduce these repetitive steps and simplify the process of
registering and configuring client systems. See the Red Hat Satellite Getting Started Guide for details.
Red Hat Satellite 5.6 Client Configuration Guide
20