Use secure websockets for console access
|Assigned To:||Daniel Lobato Garcia|
|Target version:||Sprint 26|
|Found in release:||Pull request:||https://github.com/theforeman/foreman/pull/1024|
|Velocity based estimate||-|
As documented in NoVNC under known issues:
when using Firefox, if you use foreman via https, firefox might block the connection (see limiations below), to fix it, goto about:config and enable network.websocket.allowInsecureFromHTTPS
Foreman defaults to https:// only, so every firefox user runs into this. It would also increase security if all console access was encrypted. Websockify does support it, so it's mostly a matter of passing the correct parameters. Ideally the used certificates would be overrideable through settings.yaml.
#9 Updated by Ewoud Kohl van Wijngaarden over 3 years ago
https://github.com/theforeman/puppet-foreman/pull/202 enables support by default in the installer.