Make SSL requirement optional for method ":show" in hosts_controller
Working on the rundeck integration I noticed it's quite hard to make the hosts_controller :show work through SSL. This is not a Foreman issue but, because the I don't really see critical risks with this, I'm suggesting this as a "feature" :
The possibility to read host information via the API with or without SSL adding an exception to :show in "app/controllers/hosts_controller.rb"
skip_before_filter :require_ssl, :only => ANONYMOUS_ACTIONS + [:show]
PS: I'm submitting the patch in a moment.
@Ohad: If you see that as a problem, is there a way to bypass SSL only for rundeck ?
#2 Updated by Marcello de Sousa over 7 years ago
Ok, so after hours of trying to make rundeck accept a self signed certificate I finally discovered how to do it. using keytool you have to import foreman's certificate to the java's keystore. In my Centos 6 machine it looks like this:
> keytool -importcert -file /etc/httpd/conf.d/foreman.crt -keystore /usr/lib/jvm/java-1.6.0-openjdk-188.8.131.52.x86_64/jre/lib/security/cacerts -alias foreman -storepass changeit
Then restart rundeck.
If you don't do it, you might get an error similar to :
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
With this issue solved, this ticket becomes obsolete and I guess it can be closed.