Feature #29892
Automatically use the server certificates for websockets
Status:
Closed
Priority:
Normal
Assignee:
Category:
Foreman modules
Target version:
-
Fixed in Releases:
Found in Releases:
Description
When specifying custom server certificates, the following options can be used:
--foreman-server-ssl-ca /path/to/cacert.crt \
--foreman-server-ssl-chain /path/to/cacert.crt \
--foreman-server-ssl-cert /path/to/foreman.example.com.crt \
--foreman-server-ssl-key /path/to/foreman.example.com.key \
--foreman-server-ssl-crl "" \
--foreman-websockets-ssl-cert /path/to/foreman.example.com.crt \
--foreman-websockets-ssl-key /path/to/foreman.example.com.key \
In practice you almost always want the websockets cert + key to match the server cert + key. It would be easier for the user if this didn't need to be specified.
Associated revisions
History
#1
Updated by The Foreman Bot 3 months ago
Updated by - Assignee set to Ewoud Kohl van Wijngaarden
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/puppet-foreman/pull/846 added
#2
Updated by The Foreman Bot 3 months ago
- Fixed in Releases 2.2.0 added
#3
Updated by Ewoud Kohl van Wijngaarden 3 months ago
Updated by - Status changed from Ready For Testing to Closed
Applied in changeset puppet-foreman|2dc5e7d802e2a11e35bd1e34d28cce05195040ce.
#4
Updated by Tomer Brisker about 2 months ago
Updated by - Fixed in Releases 2.1.0 added
- Fixed in Releases deleted (
2.2.0)
Fixes #29892 - Use server certs for websockets
Prior to this the user needed to specify the certs both for the server
and websockets. In practice these are pretty much always the same files.
By using undef + pick() the option to specify these is maintained, but
the defaults are better.