Project

General

Profile

Actions
Copy link

Bug #28888

closed

Extra apache configuration needed for cert-based docker syncing

Added by Justin Sherrill about 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Justin Sherrill
Category:
Foreman modules
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
https://github.com/theforeman/puppet-katello/pull/319
Fixed in Releases:
Foreman - 2.0.0
Found in Releases:
Red Hat JIRA:

Description

In order to pull docker content in an authenticated way, some extra config is required in apache under the 443 virtual host:

RequestHeader set SSL_CLIENT_I_DN "%{SSL_CLIENT_I_DN}s"
RequestHeader set SSL_CLIENT_VERIFY "%{SSL_CLIENT_VERIFY}s"
RequestHeader set SSL_SERVER_S_DN_OU "%{SSL_SERVER_S_DN_OU}s"
RequestHeader set SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}s"
RequestHeader set SSL_CLIENT_S_DN_X509 "%{SSL_CLIENT_S_DN_X509}s"

We can wrap it in <Location /v2/> ... </Location> if we want to minimize exposure.

Related issues 1 (0 open1 closed)

Blocks Installer - Tracker #28736: Use Pulp 3 for File and Container content in KatelloClosed

Actions
Actions
Copy link
 #1

Updated by The Foreman Bot about 4 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/puppet-katello/pull/319 added
Actions
Copy link
 #2

Updated by Justin Sherrill about 4 years ago

  • Blocks Tracker #28736: Use Pulp 3 for File and Container content in Katello added
Actions
Copy link
 #3

Updated by The Foreman Bot about 4 years ago

  • Fixed in Releases 2.0.0 added
Actions
Copy link
 #4

Updated by Justin Sherrill about 4 years ago

  • Status changed from Ready For Testing to Closed
Actions
Copy link

Also available in: Atom PDF