Project

General

Profile

Feature #14962

Support wild card certificates for proxy client authentication

Added by Marek Hulán over 4 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Marek Hulán
Category:
Authentication
Target version:
1.12.0
Difficulty:
Triaged:
Bugzilla link:
Pull request:
https://github.com/theforeman/foreman/pull/3502
Fixed in Releases:
Found in Releases:

Description

We use SSL certificates for smart proxies to authenticate against Foreman. Usually certificates are created by Puppet CA and the CN is FQDN of the proxy host. But we also have support for custom certificates and we support alternative names. Similarly we should support wildcard certificates, so if CN is "*.example.tst" it should match "proxy.example.tst". On one hand it allows using same certificate for more proxies which means imported reports might not be linked correctly but we already allow that through alternative names.

Associated revisions

Revision f8a870d9 (diff)
Added by Marek Hulán over 4 years ago

Fixes #14962 - support wildcard certs for proxy authentication

History

#1 Updated by The Foreman Bot over 4 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/3502 added

#2 Updated by Marek Hulán over 4 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#3 Updated by Dominic Cleal over 4 years ago

  • Legacy Backlogs Release (now unused) set to 136

Also available in: Atom PDF