Project

General

Profile

Actions
Copy link

Feature #14962

closed

Support wild card certificates for proxy client authentication

Added by Marek Hulán over 7 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Marek Hulán
Category:
Authentication
Target version:
1.12.0
Difficulty:
Triaged:
Bugzilla link:
Pull request:
https://github.com/theforeman/foreman/pull/3502
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

We use SSL certificates for smart proxies to authenticate against Foreman. Usually certificates are created by Puppet CA and the CN is FQDN of the proxy host. But we also have support for custom certificates and we support alternative names. Similarly we should support wildcard certificates, so if CN is "*.example.tst" it should match "proxy.example.tst". On one hand it allows using same certificate for more proxies which means imported reports might not be linked correctly but we already allow that through alternative names.

Actions
Copy link
 #1

Updated by The Foreman Bot over 7 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/3502 added
Actions
Copy link
 #2

Updated by Marek Hulán over 7 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions
Copy link
 #3

Updated by Dominic Cleal over 7 years ago

  • translation missing: en.field_release set to 136
Actions
Copy link

Also available in: Atom PDF