Bug #14916: CDN url is allowed to be "https", which only works for one hostname - Katello - Foreman

Actions

Copy link

Bug #14916

closed

CDN url is allowed to be "https", which only works for one hostname

Added by Chris Duryee over 8 years ago. Updated over 6 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Chris Duryee

Category:

Target version:

Katello 3.1.0

Difficulty:

Triaged:

Bugzilla link:

1320485

Pull request:

https://github.com/Katello/katello/pull/6016

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

Katello only ships with TLS CA certs for cdn.redhat.com¹. However, the CDN url edit page in the web UI allows for any HTTPS url. This causes confusion since users will put HTTPS, then later during sync, get a remote host verification error since the CA doesn't match the host.

For now, katello should only allow "http" URLs with the exception of "cdn.redhat.com". This catches TLS issues that may appear later during sync.

[1] https://github.com/Katello/katello/tree/master/ca

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Plugins » Katello

Custom queries

Bug #14916

CDN url is allowed to be "https", which only works for one hostname

Updated by The Foreman Bot over 8 years ago

Updated by Eric Helms over 8 years ago

Updated by Chris Duryee over 8 years ago