Bug 852452
Summary: | candlepin-ca.key is readable by apache | ||
---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Miroslav Suchý <msuchy> |
Component: | Installation | Assignee: | Katello Bug Bin <katello-bugs> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Katello QA List <katello-qa-list> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.0.0 | CC: | bkearney, lzap, mmccune |
Target Milestone: | Unspecified | Keywords: | Triaged |
Target Release: | Unused | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-08-12 07:20:27 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Miroslav Suchý
2012-08-28 14:17:09 UTC
We use the cert+key in our apache conf for the default setup: grep candlepin /etc/httpd/conf.d/katello.conf SSLCertificateFile /etc/candlepin/certs/candlepin-ca.crt SSLCertificateKeyFile /etc/candlepin/certs/candlepin-ca.key SSLCaCertificateFile /etc/candlepin/certs/candlepin-ca.crt perhaps there is a better way to set this up so we don't have todo this I wonder there is no other way. We need to use candlepin CA. I think we can close this: [root@sat6 certs]# find / -name candlepin-ca.key <EMPTY> [root@sat6 certs]# pwd /etc/pki/katello/certs [root@sat6 certs]# ls -lah total 44K drwxr-xr-x. 2 root foreman 4.0K Aug 8 14:12 . drwxr-xr-x. 5 root foreman 4.0K Aug 8 14:13 .. -rw-r--r--. 1 root root 5.4K Aug 8 14:12 java-client.crt -rw-r--r--. 1 root root 5.4K Aug 8 14:03 katello-apache.crt -rw-r--r--. 1 root foreman 5.3K Aug 8 14:03 katello-ca.crt -rw-r--r--. 1 root root 1.8K Aug 8 14:03 katello-ca-stripped.crt -rw-r--r--. 1 root root 5.4K Aug 8 14:12 sat6.rdu.redhat.com-qpid-broker.crt Yes. [root@nightly ~]# id foreman uid=497(foreman) gid=498(foreman) groups=498(foreman),52(puppet) [root@nightly ~]# id apache uid=48(apache) gid=48(apache) groups=48(apache) |