Bug #8636
Need to include katello-default-ca-cert for docker
Difficulty:
Triaged:
Yes
Bugzilla link:
Pull request:
Description
The katello-default-ca.crt needs to get included at /etc/docker/certs.d/<sat-fqdn>:5000 on the Docker host.
We need an rpm similar to the http://<sat>/pub/katello-ca-consumer-latest.noarch.rpm to do this for us
Related issues
History
#1
Updated by Partha Aji over 8 years ago
- Blocks Tracker #7125: Docker Content Support added
#2
Updated by Eric Helms over 8 years ago
- Target version set to 62
- Legacy Backlogs Release (now unused) set to 14
- Triaged changed from No to Yes
#3
Updated by Eric Helms over 8 years ago
- Target version deleted (
62) - Legacy Backlogs Release (now unused) deleted (
14)
#4
Updated by Partha Aji about 8 years ago
Looks like I can add it to the default CA cert location (/etc/pki/tls/certs/ca-bundle.crt) and dont need a specific directory thing.
#5
Updated by Partha Aji about 8 years ago
Need to update the bootstrap rpm to do the following
1) Copy katello ca cert to /etc/pki/ca-trust/source/anchors
2) Run update-ca-trust on that machine.
#6
Updated by Partha Aji about 8 years ago
- Status changed from New to Ready For Testing
- Assignee set to Partha Aji
- Pull request https://github.com/Katello/puppet-certs/pull/49 added
- Pull request deleted (
)
#7
Updated by Partha Aji about 8 years ago
- Bugzilla link set to 1194019
#8
Updated by The Foreman Bot about 8 years ago
- Target version set to 67
#9
Updated by Justin Sherrill about 8 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset katello-installer|c66aed02f91f5c7b6f9aa8f0dc03938a7ceaaf8b.
#10
Updated by Eric Helms almost 8 years ago
- Blocks Feature #7925: As a docker user, I'd like to be able to 'docker pull' content from katello added
#11
Updated by Eric Helms almost 8 years ago
- Legacy Backlogs Release (now unused) set to 31
fixes #8636 - Katello CA cert now trusted system wide
This commit adds the katello ca trust pem to the system wide trust store
so that services like docker can now use it