Bug 794778

Summary: New pulp config option ssl_ca_certificate needs to be set by katello installer
Product: [Retired] Katello Reporter: James Slagle <jslagle>
Component: InstallerAssignee: Lukas Zapletal <lzap>
Status: CLOSED UPSTREAM QA Contact: Katello QA List <katello-qa-list>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 2.0CC: bkearney
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-07-17 13:09:43 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description James Slagle 2012-02-17 15:44:55 UTC 
There is a new pulp config option called ssl_ca_certificate in /etc/pulp/pulp.conf.  This needs to be set by the Katello installer to the full path of the CA certificate that signed the pulp server's apache SSL certificate.  The path must be readable by the apache user.

This was added to address bug #790157.

Let me know if there are any questions.
Comment 1 James Slagle 2012-02-17 15:46:26 UTC 
This change will be introduced in Pulp version 1.0.
Comment 2 Lukas Zapletal 2012-04-02 14:32:45 UTC 
Is this the same as in /etc/httpd/conf.d/pulp.conf

SSLCACertificateFile /etc/candlepin/certs/candlepin-ca.crt
Comment 3 Lukas Zapletal 2012-04-02 14:53:06 UTC 
To the [security] section, right?
Comment 4 Lukas Zapletal 2012-04-02 14:57:46 UTC 
a391b55 794778 - option ssl_ca_certificate is set for pulp V1

Note to myself - to verify access a protected repo with yum, and make sure sslverify is set in the client's yum repo file.
Comment 5 Bryan Kearney 2012-07-17 13:09:43 UTC 
Moving all community bugs with fixes to closed.