Project

General

Profile

Feature #29892

Automatically use the server certificates for websockets

Added by Ewoud Kohl van Wijngaarden 3 months ago. Updated about 2 months ago.

Status:
Closed
Priority:
Normal
Category:
Foreman modules
Target version:
-
Difficulty:
Triaged:
Yes
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

When specifying custom server certificates, the following options can be used:

    --foreman-server-ssl-ca /path/to/cacert.crt \
    --foreman-server-ssl-chain /path/to/cacert.crt \
    --foreman-server-ssl-cert /path/to/foreman.example.com.crt \
    --foreman-server-ssl-key /path/to/foreman.example.com.key \
    --foreman-server-ssl-crl "" \
    --foreman-websockets-ssl-cert /path/to/foreman.example.com.crt \
    --foreman-websockets-ssl-key /path/to/foreman.example.com.key \

In practice you almost always want the websockets cert + key to match the server cert + key. It would be easier for the user if this didn't need to be specified.

Associated revisions

Revision 2dc5e7d8 (diff)
Added by Ewoud Kohl van Wijngaarden 3 months ago

Fixes #29892 - Use server certs for websockets

Prior to this the user needed to specify the certs both for the server
and websockets. In practice these are pretty much always the same files.
By using undef + pick() the option to specify these is maintained, but
the defaults are better.

History

#1 Updated by The Foreman Bot 3 months ago

  • Assignee set to Ewoud Kohl van Wijngaarden
  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/puppet-foreman/pull/846 added

#2 Updated by The Foreman Bot 3 months ago

  • Fixed in Releases 2.2.0 added

#3 Updated by Ewoud Kohl van Wijngaarden 3 months ago

  • Status changed from Ready For Testing to Closed

#4 Updated by Tomer Brisker about 2 months ago

  • Fixed in Releases 2.1.0 added
  • Fixed in Releases deleted (2.2.0)

Also available in: Atom PDF