Registration of a Client against a SMT server in non-interactive mode.
This document (7021084) is provided subject to the disclaimer at the end of this document.
Environment
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 15
Subscription Management Tool 11
Subscription Management Tool 12
Situation
The registration process of a Client against a SMT or RMT server is an interactive procedure, but in larger environments login into each Client is not an option, so a non-interactive registration is needed.
Resolution
The SMT Client registration script includes an option to pass it the certificate fingerprint of the SMT Server in order to avoid interaction during registration, so the first step is to get the fingerprint by login as root into the SMT server and run the following command :
# openssl x509 -noout -in /srv/www/htdocs/smt.crt -fingerprint -sha1
The SHA1 fingerprint output should look similar to this :
DE:B8:F6:7F:13:30:FB:A5:D1:63:3F:9F:93:85:E1:17:B6:0A:60:17
The next step is to login as root into the Client you want to register and get the registration script from the SMT server with:
# wget http://YOUR-SMT-FQDN-HERE/repo/tools/clientSetup4SMT.shSet the proper permissions to be able to execute the script:
# chmod 755 clientSetup4SMT.shAnd finally, run the registration process like this:
# ./clientSetup4SMT.sh --host <YOUR-SMT-FQDN-HERE> --fingerprint <YOUR-SMT-CERTIFICATE-FINGERPRINT-STRING-HERE> --yes
Example using the above:
# ./clientSetup4SMT.sh --host <YOUR-SMT-FQDN-HERE> --fingerprint DE:B8:F6:7F:13:30:FB:A5:D1:63:3F:9F:93:85:E1:17:B6:0A:60:17 --yes
Registration will be performed without any user interaction.
Cause
After a Subscription change, Organization change or as a consequence of an issue on the SMT/RMT server side, all Clients must be re-registered. This procedure could be adapted as an automated method to be deployed remotely on many SMT/RMT Clients via SSH or any job/batch scheduling tools.
Additional Information
The steps to be performed on RMT clients are very similar.
Get the fingerprint of the rmt-ca certificate:
openssl x509 -noout -in /etc/rmt/ssl/rmt-ca.crt -fingerprint -sha1
The SHA1 fingerprint should look similar to this:
DE:B8:F6:7F:13:30:FB:A5:D1:63:3F:9F:93:85:E1:17:B6:0A:60:17Login to the client you want to register to the RMT server and get the registration script from the RMT server:
wget http://YOUR-RMT-FQDN/tools/rmt-client-setupSet the permissions to be able to execute the script:
chmod +x rmt-client-setupRun the registration process with the fingerprint and yes flags:
./rmt-client-setup --host <YOUR-RMT-FQDN> --regcert http://<YOUR-RMT-FQDN>/rmt.crt --fingerprint <RMT-FINGERPRINT-STRING> --yes
Example:
./rmt-client-setup --host rmt-server.example.com --regcert http://rmt-server.example.com/rmt.crt --fingerprint DE:B8:F6:7F:13:30:FB:A5:D1:63:3F:9F:93:85:E1:17:B6:0A:60:17 --yes
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:7021084
- Creation Date: 12-Jul-2017
- Modified Date:20-Jan-2025
-
- Subscription Management Tool
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com
