Contents
Any machine running SUSE Linux Enterprise Server 11 or SUSE Linux Enterprise Desktop 11 can be configured to register against local Subscription Management Tool server to download software updates instead of communicating directly with the Novell Customer Center and the NU servers. To use an SMT server for client registration and as a local update source, you must configure the SMT server in your network first. The SMT server software is distributed as an add-on for SUSE Linux Enterprise Server and its configuration is described in the Subscription Management Tool Guide. There is no need to install any add-on on the clients to be configured for registering against an SMT server.
To register a client against an SMT server, you need to equip the client
with the server's URL. As client and server communicate via the HTTPS
protocol during registration, you also need to make sure the client trusts
the server's certificate. In case your SMT server is set up to use the
default server certificate, the CA certificate will be available on the
SMT server via HTTP protocol at
http://
(where
FQDN
/smt.crtFQDN
stands for fully qualified domain name). In this
case you do not have to concern yourself with the certificate: the
registration process will automatically download the CA certificate from
there, unless configured otherwise. You must enter a path to the server's
CA certificate if the certificate was issued by an external certificate
authority.
![]() | Registering Against *.novell.com Subdomain |
---|---|
If you try to register against any |
There are several ways to provide this information and to configure the client machine to use SMT. The first way is to provide the needed information via kernel parameters at boot time. The second way is to configure clients using an AutoYaST profile. There is also a script distributed with Subscription Management Tool, clientSetup4SMT.sh, which can be run on a client to make it register against a specified SMT server. These methods are described in the following sections:
Any client can be configured to use SMT by providing the following
kernel parameters during machine boot: regurl
and
regcert
. The first parameter is mandatory, the latter
is optional.
URL of the SMT server. The URL needs to be in the following format:
https://
with FQDN
/center/regsvc/FQDN
being the fully qualified
hostname of the SMT server. It must be identical to the FQDN of the
server certificate used on the SMT server. Example:
regurl=https://smt.example.com/center/regsvc/
Location of the SMT server's CA certificate. Specify one of the following locations:
Remote location (http, https or ftp) from which the certificate can be downloaded. Example:
regcert=http://smt.example.com/smt.crt
Specifies a location on a floppy. The floppy has to be inserted at
boot time (you will not be prompted to insert it if it is missing).
The value must start with the string floppy
,
followed by the path to the certificate. Example:
regcert=floppy/smt/smt-ca.crt
Absolute path to the certificate on the local machine. Example:
regcert=/data/inst/smt/smt-ca.cert
Use ask
to open a pop-up menu during
installation where you can specify the path to the certificate. Do
not use this option with AutoYaST. Example:
regcert=ask
Use done
if either the certificate will be
installed by an add-on product, or if you are using a certificate
issued by an official certificate authority. Example:
regcert=done
![]() | Beware of Typing Errors |
---|---|
Make sure the values you enter are correct. If
If a wrong value for |
![]() | Change of SMT Server Certificate |
---|---|
If the SMT server gets a new certificate from a new and untrusted CA,
the clients need to fetch the new CA certificate file. This is done
automatically with the registration process but only if a URL was used
at installation time to retrieve the certificate, or if the
|
Clients can be configured to register with SMT server via AutoYaST profile. For general information about creating AutoYaST profiles and preparing automatic installation, refer to Chapter 21, Automated Installation. In this section, only SMT specific configuration is described.
To configure SMT specific data using AutoYaST, follow these steps:
As root
, start YaST and select + to start the graphical AutoYaST front-end.
From a command line, you can start the graphical AutoYaST front-end with the yast2 autoyast command.
Open an existing profile using
+ , create a profile based on the current system's configuration using + , or just work with an empty profile.Select
+ . An overview of the current configuration is shown.Click
.To register while installing automatically, select
. You can include information from your system with and .
Set the URL of the regurl
and regcert
(see
Section 16.1, “Using Kernel Parameters to Access an SMT Server”). The only exception is
that the ask
value for regcert
does not work in AutoYaST, because it requires user interaction. If using
it, the registration process will be skipped.
Perform all other configuration needed for the systems to be deployed.
Select autoinst.xml
.
The /usr/share/doc/packages/smt/clientSetup4SMT.sh script is provided with SMT. This script allows to configure a client machine to use a SMT server or to reconfigure it to use a different SMT server.
To configure a client machine to use SMT with the clientSetup4SMT.sh script, follow these steps:
Copy the
/usr/share/doc/packages/smt/clientSetup4SMT.sh
script from your SMT server to the client machine.
As root
, execute the script on the client machine. The script can
be executed in two ways. In the first case, the script name is followed
by the registration URL: ./clientSetup4SMT.sh
registration_URL
, for example,
./clientSetup4SMT.sh
https://smt.example.com/center/regsvc. In the second
case, the script name is followed by the --host
option
followed by hostname of the SMT server: ./clientSetup4SMT.sh
--host server_hostname
, for
example, ./clientSetup4SMT.sh --host
smt.example.com.
The script downloads the server's CA certificate. Accept it by pressing y.
The script performs all necessary modifications on the client. However, the registration itself is not performed by the script.
Perform a registration by executing suse_register or running yast2 inst_suse_register module on the client.
To configure a client to register against the test environment instead
the production environment, modify
/etc/suseRegister.conf
on the client machine by
setting:
register = command=register&testenv=1
For more information about using SMT with a test environment, refer to the Subscription Management Tool Guide.