Bug 1252528 - custom certificate procedure is not clear on what is customized
custom certificate procedure is not clear on what is customized
Status: CLOSED CURRENTRELEASE
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Docs Install Guide (Show other bugs)
6.1.0
Unspecified Unspecified
unspecified Severity high (vote)
: Unspecified
: --
Assigned To: Peter Ondrejka
Russell Dickenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-08-11 11:55 EDT by Fred van Zwieten
Modified: 2015-12-03 10:47 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-10-13 09:27:50 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Fred van Zwieten 2015-08-11 11:55:00 EDT
Document URL: 
https://access.redhat.com/documentation/en-US/Red_Hat_Satellite/6.1/html-single/Installation_Guide/index.html#form-Red_Hat_Satellite-Installation_Guide-Prerequisites-Base_Operating_System

Section Number and Name: 
2.2.3.2. Configuring Red Hat Satellite with a Custom Server Certificate

Describe the issue:
The text states "katello-installer comes with a default CA used both for the server ssl certificates as well as the client certificates used for authentication of the subservices. These certificates can be replaced with custom ones"

This can be read as that the installer gives the option to use custom ca certificate to have stallite act as a intermediate ca. However, this is only for the server and client certificates

Suggestions for improvement:
""katello-installer comes with a default CA used both for the server ssl certificates as well as the client certificates used for authentication of the subservices. The server and client certificates can be replaced with custom ones"

Also, it might be a good idea to have example openssl statements and such to explain exactly how to produce the 4 files that are needed by the installer. Not everyone is a ssl guru. What are the requirements for the server and client cert such that the customer knows how to generate the correct certs?

Additional information:

Note You need to log in before you can comment on or make changes to this bug.