Red Hat Bugzilla – Bug 1252528
custom certificate procedure is not clear on what is customized
Last modified: 2015-12-03 10:47:48 EST
Section Number and Name:
220.127.116.11. Configuring Red Hat Satellite with a Custom Server Certificate
Describe the issue:
The text states "katello-installer comes with a default CA used both for the server ssl certificates as well as the client certificates used for authentication of the subservices. These certificates can be replaced with custom ones"
This can be read as that the installer gives the option to use custom ca certificate to have stallite act as a intermediate ca. However, this is only for the server and client certificates
Suggestions for improvement:
""katello-installer comes with a default CA used both for the server ssl certificates as well as the client certificates used for authentication of the subservices. The server and client certificates can be replaced with custom ones"
Also, it might be a good idea to have example openssl statements and such to explain exactly how to produce the 4 files that are needed by the installer. Not everyone is a ssl guru. What are the requirements for the server and client cert such that the customer knows how to generate the correct certs?