The following additional requirements must be met before the RHN Proxy Server installation can be considered complete:
Client systems need full network access to the RHN Proxy Server services and ports.
The RHN Proxy Server solution can be firewalled from the Internet, but it must be able to issue outbound connections to the Internet on ports 80 and 443. In addition, if the Proxy will be connected to an RHN Satellite Server that will be configured to push actions to client systems and the Proxy, you must allow inbound connections on port 5222.
There is great time sensitivity when connecting to a Web server running SSL (Secure Sockets Layer); it is imperative the time settings on the clients and server are reasonably close together so the that SSL certificate does not expire before or during use. It is recommended that Network Time Protocol (NTP) be used to synchronize the clocks.
The system upon which the RHN Proxy Server will be installed must resolve its own FQDN properly.
Customers who will be connecting to the central Red Hat Network Servers to receive incremental updates must have a Red Hat Network account. The sales representative assists with the setup of this account at the time of purchase.
It is imperative that customers keep track of all primary login information. For RHN Proxy Server, this includes usernames and passwords for the Organization Administrator account and SSL certificate generation. Red Hat strongly recommends this information be copied onto two separate floppy disks, printed out on paper, and stored in a fireproof safe.
Since the Proxy forwards virtually all local HTTP requests to the central RHN Servers, you must take care to put files destined for distribution (such as in a kickstart installation tree) in the non-forwarding location on the Proxy: /var/www/html/pub/. Files placed in this directory can be downloaded directly from the Proxy. This can be especially useful for distributing GPG keys or establishing installation trees for kickstarts.
In addition, Red Hat recommends that the system running the code not be publicly available. No users but the system administrators should have shell access to these machines. All unnecessary services should be disabled. You can use ntsysv or chkconfig to disable services.
Finally, you should have the following technical documents in hand for use in roughly this order:
The RHN Proxy Server Installation Guide — This guide, which you are now reading, provides the essential steps necessary to get an RHN Proxy Server up and running.
The RHN Client Configuration Guide — This guide explains how to configure the systems to be served by an RHN Proxy Server or RHN Satellite Server. (This will also likely require referencing The RHN Reference Guide, which contains steps for registering and updating systems.)
The RHN Channel Management Guide — This guide identifies in great detail the recommended methods for building custom packages, creating custom channels, and managing private Errata.
The RHN Reference Guide — This guide describes how to create RHN accounts, register and update systems, and use the RHN website to its utmost potential. This guide will probably come in handy throughout the installation and configuration process.