Project

General

Profile

Actions

Bug #14916

closed

CDN url is allowed to be "https", which only works for one hostname

Added by Chris Duryee almost 8 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
-
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Katello only ships with TLS CA certs for cdn.redhat.com1. However, the CDN url edit page in the web UI allows for any HTTPS url. This causes confusion since users will put HTTPS, then later during sync, get a remote host verification error since the CA doesn't match the host.

For now, katello should only allow "http" URLs with the exception of "cdn.redhat.com". This catches TLS issues that may appear later during sync.

[1] https://github.com/Katello/katello/tree/master/ca

Actions #1

Updated by The Foreman Bot almost 8 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/Katello/katello/pull/6016 added
Actions #2

Updated by Eric Helms almost 8 years ago

  • translation missing: en.field_release set to 143
Actions #3

Updated by Chris Duryee almost 8 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions

Also available in: Atom PDF