Bug #28888: Extra apache configuration needed for cert-based docker syncing - Installer - Foreman

Actions

Copy link

Bug #28888

closed

Extra apache configuration needed for cert-based docker syncing

Added by Justin Sherrill over 4 years ago. Updated over 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Justin Sherrill

Category:

Foreman modules

Target version:

Difficulty:

Triaged:

Bugzilla link:

Pull request:

https://github.com/theforeman/puppet-katello/pull/319

Fixed in Releases:

Foreman - 2.0.0

Found in Releases:

Red Hat JIRA:

Description

In order to pull docker content in an authenticated way, some extra config is required in apache under the 443 virtual host:

RequestHeader set SSL_CLIENT_I_DN "%{SSL_CLIENT_I_DN}s"
RequestHeader set SSL_CLIENT_VERIFY "%{SSL_CLIENT_VERIFY}s"
RequestHeader set SSL_SERVER_S_DN_OU "%{SSL_SERVER_S_DN_OU}s"
RequestHeader set SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}s"
RequestHeader set SSL_CLIENT_S_DN_X509 "%{SSL_CLIENT_S_DN_X509}s"

We can wrap it in <Location /v2/> ... </Location> if we want to minimize exposure.

Related issues 1 (0 open — 1 closed)

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Foreman » Installer

Custom queries

Bug #28888

Extra apache configuration needed for cert-based docker syncing

Updated by The Foreman Bot over 4 years ago

Updated by Justin Sherrill over 4 years ago

Updated by The Foreman Bot over 4 years ago

Updated by Justin Sherrill over 4 years ago