Feature #14962
Support wild card certificates for proxy client authentication
Description
We use SSL certificates for smart proxies to authenticate against Foreman. Usually certificates are created by Puppet CA and the CN is FQDN of the proxy host. But we also have support for custom certificates and we support alternative names. Similarly we should support wildcard certificates, so if CN is "*.example.tst" it should match "proxy.example.tst". On one hand it allows using same certificate for more proxies which means imported reports might not be linked correctly but we already allow that through alternative names.
Associated revisions
History
#1
Updated by The Foreman Bot about 6 years ago
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/3502 added
#2
Updated by Marek Hulán about 6 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset f8a870d936918257e7927ebcde401731e8caf6a9.
#3
Updated by Dominic Cleal almost 6 years ago
- Legacy Backlogs Release (now unused) set to 136
Fixes #14962 - support wildcard certs for proxy authentication