Project

General

Profile

Actions

Bug #35296

closed

Need to be able to provide custom cert for ISS for Red Hat CDN

Added by Partha Aji almost 2 years ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Inter Server Sync
Target version:
Fixed in Releases:
Found in Releases:

Description

Description of problem:

Assume we have an Upstream HTTP Server that is serving the extracted CDN ISO content and a Downstream Server that can only talk to that http server.

We need to be able specify custom ca cert (or ca credential) when we change the RedHat CDN url to the upstream url.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Get a content iso extracted in /var/www/html/pub/<myrepo> on some other box
2. Go to Subscriptions => Manage Manifest
3. Change the redhat cdn url to https://&lt;fqdn&gt;/pub/&lt;myrepo&gt;. Notice that you cannot specify the cert in this tab.
4. Go to Redhat Repositories and try expanding the available repositories.

Actual results:

You should get an error along the lines of
2022-07-28T18:01:33 [I|app|37e3cb19] CDN: Requesting path https://&lt;webserver&gt;:443/pub/repos/content/dist/rhel/server/7/listing
/opt/rh/rh-ruby27/root/usr/share/ruby/net/protocol.rb:44: warning: exception in verify_callback is ignored
2022-07-28T18:01:33 [E|app|37e3cb19] Failed at scanning for repository: SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain)

Expected results:

Ability to see enabled repos from the store.

We may also need to be able to set a SSL CA Credential on the Manage Manifests.

Actions #1

Updated by Partha Aji almost 2 years ago

  • Bugzilla link set to 2112098
Actions #2

Updated by The Foreman Bot almost 2 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Partha Aji
  • Pull request https://github.com/Katello/katello/pull/10217 added
Actions #3

Updated by The Foreman Bot almost 2 years ago

  • Pull request https://github.com/Katello/hammer-cli-katello/pull/860 added
Actions #4

Updated by Partha Aji almost 2 years ago

  • Category set to Inter Server Sync
  • Target version set to Katello 4.6.0
  • Triaged changed from No to Yes
Actions #5

Updated by Chris Roberts over 1 year ago

  • Target version changed from Katello 4.6.0 to Katello 4.7.0
Actions #6

Updated by The Foreman Bot over 1 year ago

  • Fixed in Releases Katello 4.7.0 added
Actions #7

Updated by Partha Aji over 1 year ago

  • Status changed from Ready For Testing to Closed
Actions

Also available in: Atom PDF