Bug 1310503

Summary: Update section about curl and CA store
Product: Red Hat Satellite Reporter: David O'Brien <daobrien>
Component: Docs API GuideAssignee: David O'Brien <daobrien>
Status: CLOSED CURRENTRELEASE QA Contact: Russell Dickenson <rdickens>
Severity: low Docs Contact:
Priority: unspecified    
Version: NightlyCC: adahms
Target Milestone: Unspecified   
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-04-28 00:10:48 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description David O'Brien 2016-02-22 04:04:57 UTC
Description of problem:

Taken from BZ 1275128


(In reply to David O'Brien from comment #19)
> Section 2.1 Using SSL Authentication
> Use   the following command to permanently include the certificate in the
> curl CA store: 
> 
> # certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "Red Hat   Satellite" -i
> /path/to/ca-cert-file 
> 
> Shouldn't that read something like "to include the certificate in the CA
> store that curl can access"? Does curl have a CA store?

Yes, you're correct. That is not a CA-store owned by curl, but rather it is one that curl can access to verify hosts that lives in your $HOME. I tried this myself just to double-check that I could then curl without needing the -k option afterwards.

# create a new DB if you don't already have one
$ certutil -N -d sql:$HOME/.pki/nssdb

$ certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "Red Hat Satellite" -i /path/to/ca-cert

$ curl -X GET -u admin:changeme https://satellite6.example.com/api/v2/hosts
{
  "total": 2,
  ...,
  "results": [
    ...
  ]
}

success!



Additional info:


Document URL: 

Section Number and Name: 

Describe the issue: 

Suggestions for improvement: 

Additional information:

Comment 2 Andrew Dahms 2016-04-28 00:10:48 UTC
This content is now live on the Customer Portal.

Closing.