Project

General

Profile

Actions

Bug #16392

open

Katello should have a single way to manage CA certificates that it uses

Added by Chris Duryee over 7 years ago. Updated over 5 years ago.

Status:
New
Priority:
Normal
Assignee:
Category:
Inter Server Sync
Target version:
Difficulty:
medium
Triaged:
Fixed in Releases:
Found in Releases:

Description

There are two areas of code that make HTTPS calls to repositories:

  • the katello part that browses the CDN on the repo enable page
  • the pulp part that actually fetches the data

The Katello part uses redhat-uep.pem when making CDN calls. However, the Pulp portion uses the system's trust store. This means that URLs like https://dl.fedoraproject.org will work, but internal URLs in a data center will not, since the internal URL does not use redhat-uep.pem for its CA.

Ideally, Katello would have some kind of CA management to manage both of these areas, either via the web UI or via command-line.

Actions #1

Updated by Justin Sherrill over 7 years ago

  • translation missing: en.field_release set to 114
  • Difficulty set to medium
Actions

Also available in: Atom PDF