Foreman » Installer

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1857176

Description of problem:
Satellite 6.8 capsule-certs-generate does not include cname in apache certificates when specified via --foreman-proxy-cname'

Version-Release number of selected component (if applicable):
Satellite 6.8.0

How reproducible:
Always

Steps to Reproduce:
1. Setup: 1 Sattelite and 2 capsules(puppet ca capsule + normal capsule) with a loadbalancer and a client
2. Referring to https://access.redhat.com/documentation/en-us/red_hat_satellite/6.7/html-single/load_balancing_guide/index#configuring-capsule-server-with-default-ssl-certificates-for-load-balancing-with-puppet (4.2)

Actual results:
Client is not able to register through subscription-manager. Resulting in "Unable to reach the server at <loadbalancer.example.com>:8443/rhsm"

Expected results:
Client should be able to register through subscription-manager via loadbalancer

Additional info:
1. The certs on the capsules are missing the CNAME, which subscription-manager needs to register properly through the LB + capsule.
While viewing the cert with openssl, there is no DNS entry related to the loadbalancer. Unlike in 6.7 where it worked fine.

2. Please note the puppet command
#puppet cert generate capsule.example.com --dns_alt_names=loadbalancer.example.com is no longer functional.
Use `#puppetserver ca` instead