Pulp consumer_ca_cert is now ca_cert
The puppet-pulp 1.0 module removed the consumer_ca_cert parameterin favor of ca_cert.
Merge pull request #61 from adamruzicka/10097-params_city
Fixes #10097 - Fixed references to city
Fixes #10670 - deploy the katello-default-ca as part of the bootstrap RPM
Updates from modulesync.
fixes #10350 - switch to qdrouterd user for certs + keys
The latest version of the Dispatch Router runs under the qdrouterduser instead of root as it previously did. This means the certs+keysall need to be owned by the qdrouterd user instead of qpidd.
Fixes #9888 - use random_password over generate_password
generate_password has a dependency on openssl.
Fixes #9699: Check for nssdb creation before running certutil.
Switches to checking for the nssb execute that creates the actualdatabase instead of just the directory that contains them. Thisprevents the following error on EL6:
certutil: function failed: SEC_ERROR_LEGACY_DATABASE: The...
fixes #8636 - Katello CA cert now trusted system wide
This commit adds the katello ca trust pem to the system wide trust storeso that services like docker can now use it
refs #9392 - pass options to foreman-rake config command correctly
Merge pull request #51 from stbenjam/8175
refs #8175 - certificates for dispatch router
Fixes #9392 - Substitute foreman-config (deprecated) for foreman-rake config
Refs #8756: Ensure server ca file exists before deploying.
Refs #7745: Deploy client cert bundle specifically for use by the Capsule.
Note this is a bundle since that is required by the reverse proxyfeature being added to the Capsule.
Merge pull request #41 from iNecas/issue/8372
Refs #8372 - generate client certificates to be used by the smart proxy
Refs #8756: Deploy the server_ca to the Capsule directories for RHSM.
This fixes an issue where for stand alone Capsules that didn't haveaccess to the server_ca (since it was not deployed) the bootstrapRPM would fail to be created. Further, this removes the unused...
Refs #8756: Allow configuring the RHSM port.
Fixes #8850 - import gutterball cert after katello nssdb exists
Fixes #8548 - add gutterball module
Merge pull request #38 from stbenjam/8261
fixes #8261 - use Default Organization for certificate org
Refs #8270: Let defaults be defined by params.
Merge pull request #36 from stbenjam/7558
refs #7558 - make CA readable by foreman and deploy CA crt to pub
Fixes #6544 - creates the qpidd_group param & updates filenames for amqp trustore andkeystores
Merge pull request #32 from iNecas/issue/7239
Fixes #7239 - make sure the qpid client cert is deployed before the pulp migrations
Refs #7104 - ensure the qpidd is really running before configuring it
Otherwise the connection to the qpid fails while running some migration file.This doesn't happen every-time, but I've already seen puppet ordering the stepsin this way....
Fixes #7210 - make sure the Package['pulp-server'] is defined
Otherwise, capsule-certs-generate is broken
Refs #6875 - deploy the server cert for the pulp node to verify the parent
Refs #6875 - separate the default CA and server CA
Up until now, we used the default CA for both server and client certificates.This made practically impossible to issue the server certificates outside ofthe installer and pass it in as arguments.
By default, the server CA is the same as default CA, unless the $server_ca_cert...
fixes #7007 - require pulp-server to be installed before cert work
otherwise /etc/pki/pulp wont exist when we try to add certs to/etc/pki/pulp/nodes
Refs #6418 - Fix keytool use for Java 6 compatibility.
The :file and :env modifiers for storepass, keypass, etc. were not addeduntil Java 7.
Merge pull request #18 from ehelms/fixes-5599
Fixes #5599: Set cert expirations to 20 years by default.
Refs #6418 - Minor fixes to Candlepin Qpid configuration.
- Add mode, owner, and group to AMQP cert directory.- Properly reference default_ca_name variable- Shorten exec type names
Refs #6418 - Set up certificates for Candlepin/Qpid integration.
Fixes #4650 - consumer cert alias for katello
Consumer cert alias stored as a variable so that puppet_katello can usethe cert name in the katello.yml template.
Fixes #6140 - support RHEL 7
Refs #5815 - make sure the required users are present
By making sure the packages that deploy users are there
Refs #5815 - generate certs for node qpid
Fixes #5486 - Fix prefix + url for rhsm BZ1092474
Fixes an issues where katello_devel module doesn't populated the prefixand candlepin url for rhsm templates correctly. This is becausekatello:params isn't available from puppet-katello_devel.
Refs #5423 - certs_tar required for now
Refs #5423 - deploy apache certificates for the Pulp child node
Refs #5423 - fix path to the node certificate
Refs #5423 - fix certs generation for capsule usage
Also, disable setting of katello repo for the certs till we supportpackage uploads again.
Parameterize node certs and removes reliance on directories not yet created.
Addresses changes made to katello-certs-tools regarding location ofcert generation and password arguments to katello-certs-tools. Proviescleanup and simplification of where and what certs are used as well aschanging the naming conventions to reflect the fact that Katello is...
Capsule related certs settings
Generate certs and configure certificates for capsule relatedstuff (smart-proxy, pulp node etc).
fixing perms on apache key cert
Provides clean up and ordering change of parameters to reduce dependencyon un-created directories.
adjusting the cert module to work with the new apache module
used by foreman
Make sure certs are deployed before httpd starts
Remove unused code
Clean code
Get certs work on one place
Fix city
And remove unnecessary code
Extract the code
Make certs module usable directly from kafo
Extract candlepin specific cert configs to candlepin module
Parameterizing the module and removing coupling to the Katello module.
Fix certs tar creation
Always create the tar with certs
node-install extract the tar
tar create and tar extract definitions
Extract node modules from katello-installer