Bug #11726
closed
Installer --foreman-proxy-puppet-ssl-* flags applied to wrong settings file
Description
Foreman-installer only applies --foreman-proxy-ssl-ca, --foreman-proxy-ssl-cert and/or --foreman-proxy-ssl-key to /etc/foreman-proxy/settings.yaml but not to /etc/foreman-proxy/settings.d/puppet.yaml. Since it seems that settings.d/* config files overrule settings.yaml this means that these values are effectively not applied.
My use case is to overrule the SSL dir everywhere because I'm putting it on a different disk. With these values not being effective importing environments from the proxy is not possible. Foreman will throw a ERF12-2749 error and foreman-proxy log will state:
ERROR -- : Failed to list puppet environments: Cannot find puppet_ssl_ca file /var/lib/puppet/ssl/certs/ca.pem
"GET /puppet/environments HTTP/1.1"
Updated by Dominic Cleal over 8 years ago
- Project changed from Foreman to Installer
- Status changed from New to Need more information
- Priority changed from High to Normal
I think you may be confusing two different sets of configuration options.
--foreman-proxy-ssl-* are used in settings.yml and control the key used for the smart proxy HTTPS daemon.
--foreman-proxy-puppet-ssl-* are used in puppet.yml when the smart proxy accesses the Puppet API. If they're not supplied then the installer will default to the values of the former, but if you're changing them then you probably also need to specify these.
Updated by Tom Verdaat over 8 years ago
Thanks! You were right. Corrected this and it works now. The bug can be closed as invalid!
Updated by Dominic Cleal over 8 years ago
- Status changed from Need more information to Rejected
Thanks!