Feature #16720
closed
Create DH parameter and setup foremans vhost config with it
Description
Since you are aware of this issue: [[https://tickets.puppetlabs.com/browse/SERVER-17]], I think foreman installer should trigger the creation of a custom dhparam and setup the foreman vhost config with it.
This would create a better "out of the box" experience. Now it is like: install a current version of a Linux distribution, install foreman, attach some hosts to puppet... hmmm damn no reports from puppet... browse the log files ... find the java dh parameter exception ... do some googling... find the thread mentionen above... try to fix it
You could use openssl for creation, e.g.: openssl dhparam -out dhparam.pem 2048 -dsaparam (dsaparam makes it much faster)
Updated by Anonymous over 6 years ago
- Category changed from foreman-installer script to Foreman modules
- Status changed from New to Rejected
- Difficulty deleted (
easy)
the underlying problem is fixed with Puppetserver 5.x
Updated by Christian Schmitt over 6 years ago
Could you provide some more details? Where are these infos from?
IMHO it's more a problem with Java in relation to the apache configuration of the foreman vhost.
What would it have to do with Puppetserver? Is Puppetserver not implemented in Java anymore?
Updated by Anonymous over 6 years ago
I can only say it's working just fine out of the box with PS5, I guess they switched to deploy the Bouncycastle security provider or something similar in the Puppetserver JAR.