The following additional requirements must be met before the RHN Proxy Server installation can be considered complete:
Full Access
Client systems need full network access to the RHN Proxy Server solution's services and ports.
Firewall Rules
The RHN Proxy Server solution can be firewalled from the Internet, but it must be able to issue outbound connections to the Internet on ports 80 and 443. In addition, if the Proxy will be connected to an RHN Satellite Server that will be configured to push actions to client systems and the Proxy, you must allow inbound connections on port 5222.
Synchronized System Times
There is great time sensitivity when connecting to a Web server running SSL (Secure Sockets Layer); it is imperative the time settings on the clients and server are reasonably close together so the SSL certificate does not expire before or during use. It is recommended Network Time Protocol (NTP) be used to synchronize the clocks.
Fully Qualified Domain Name (FQDN)
The system upon which the RHN Proxy Server will be installed must resolve its own FQDN properly. If this is not the case, cookies will not work properly on the website.
A Red Hat Network Account
Customers who will be connecting to the central Red Hat Network Servers to receive incremental updates will need an account with Red Hat Network. This account should be set up at the time of purchase with the sales representative.
Backups of Login Information
It is imperative customers keep track of all primary login information. For RHN Proxy Server, this includes usernames and passwords for the Organization Administrator account and SSL certificate generation. Red Hat strongly recommends this information be copied onto two separate floppy disks, printed out on paper, and stored in a fireproof safe.
Distribution Locations
Since the Proxy forwards virtually all HTTP requests to the central RHN Servers, you must take care to put files destined for distribution (such as in a kickstart installation tree) in one of two non-forwarding locations on the Proxy: /var/www/html/pub/ and /var/www/html/_rhn_proxy/. Files placed in these directories can be downloaded directly from the Proxy. This can be especially useful for distributing GPG keys or establishing installation trees for kickstarts.
In addition, Red Hat recommends the system running the code not be publicly available. No users but the system administrators should have shell access to these machines. All unnecessary services should be disabled. You can use ntsysv or chkconfig to disable services.
Finally, you should have the following technical documents in hand for use in roughly this order:
The RHN Proxy Server Installation Guide — This guide, which you are now reading, provides the essential steps necessary to get an RHN Proxy Server up and running.
The RHN Client Configuration Guide — This guide explains how to configure the systems to be served by an RHN Proxy Server or RHN Satellite Server. (This will also likely require referencing The RHN Reference Guide, which contains steps for registering and updating systems.)
The RHN Channel Management Guide — This guide identifies in great detail the recommended methods for building custom packages, creating custom channels, and managing private Errata.
The RHN Reference Guide — This guide describes how to create RHN accounts, register and update systems, and use the RHN website to its utmost potential. This guide will probably come in handy throughout the installation and configuration process.