Project

General

Profile

Actions
Copy link

Bug #16392

open

Katello should have a single way to manage CA certificates that it uses

Added by Chris Duryee over 8 years ago. Updated 8 months ago.

Status:
New
Priority:
Normal
Assignee:
Chris Duryee
Category:
Inter Server Sync
Target version:
-
Difficulty:
medium
Triaged:
Bugzilla link:
1324449
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

There are two areas of code that make HTTPS calls to repositories:

  • the katello part that browses the CDN on the repo enable page
  • the pulp part that actually fetches the data

The Katello part uses redhat-uep.pem when making CDN calls. However, the Pulp portion uses the system's trust store. This means that URLs like https://dl.fedoraproject.org will work, but internal URLs in a data center will not, since the internal URL does not use redhat-uep.pem for its CA.

Ideally, Katello would have some kind of CA management to manage both of these areas, either via the web UI or via command-line.

Actions
Copy link
 #1

Updated by Justin Sherrill over 8 years ago

  • Translation missing: en.field_release set to 114
  • Difficulty set to medium
Actions
Copy link
 #2

Updated by Ian Ballou 8 months ago

  • Target version deleted (Katello Backlog)
Actions
Copy link

Also available in: Atom PDF