Bug #32288
Server CA cert not verified for IPA token API call
Difficulty:
Triaged:
Yes
Bugzilla link:
Pull request:
Description
Smart proxy ignores CA server certificate for a HTTPS call to IPA when fetching the token:
There should be a setting to verify CA cert (enabled by default), an installer option and instructions in our documentation on how to enroll na CA cert into the OS cert store.
This issue was reported by Evgeni Golov, thank you.
Related issues
Associated revisions
History
#1
Updated by Lukas Zapletal almost 2 years ago
- Related to Feature #32289: Option to toggle IPA API server CA verification added
#2
Updated by The Foreman Bot almost 2 years ago
- Assignee set to Lukas Zapletal
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/smart-proxy/pull/787 added
#3
Updated by The Foreman Bot almost 2 years ago
- Fixed in Releases 2.5.0 added
#4
Updated by Anonymous almost 2 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset 3bf19e08f3d1de1666aa2dabc1d2f7e88e1139ad.
#5
Updated by Lukas Zapletal almost 2 years ago
- Bugzilla link set to 1948006
- Triaged changed from No to Yes
#6
Updated by The Foreman Bot over 1 year ago
- Pull request https://github.com/theforeman/smart-proxy/pull/792 added
#7
Updated by Ewoud Kohl van Wijngaarden over 1 year ago
- Pull request deleted (
https://github.com/theforeman/smart-proxy/pull/792)
Fixes #32288 - verify FreeIPA CA by default and new setting