Feature #19747: Proper support for non-self-signed webserver certificates. - Installer - Foreman

Actions

Copy link

Feature #19747

open

Proper support for non-self-signed webserver certificates.

Added by Han Boetes about 7 years ago. Updated almost 7 years ago.

Status:

New

Priority:

Normal

Assignee:

Category:

Target version:

Difficulty:

Triaged:

Bugzilla link:

Pull request:

Fixed in Releases:

Found in Releases:

Foreman - 1.15.0

Red Hat JIRA:

Description

With help from these two articles

https://alexshepherd.me/articles/changing-foremans-ssl-certificate
https://theforeman.org/2015/11/foreman-ssl.html

And the comment from Andreas Wegmann on the last page:

After diving into the source code for node.rb I found that the function initialize_http() checks, if there is ":ssl_ca" set in the /etc/puppet/foreman.yaml. If this parameter is not set, it does not try to verify the https connection to foreman. So removing or commenting this line fixed the problem.

I managed to get the foreman webinterface working with an official certificate, and puppet working as well. But the current solution feels very hackisch.

I would really like to see official certificates properly supported from within the installer and I'd like to read about it in the documentation.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Foreman » Installer

Custom queries

Feature #19747

Proper support for non-self-signed webserver certificates.

Updated by Thomas Sanders almost 7 years ago

Updated by Thomas Sanders almost 7 years ago

Updated by Han Boetes almost 7 years ago

Updated by Daniel Lobato Garcia almost 7 years ago

Updated by Dominic Cleal almost 7 years ago