Bug 1463659 - Use baseurl=http://... instead of https:// in generated repofiles
Summary: Use baseurl=http://... instead of https:// in generated repofiles
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Internal Copr
Classification: Internal
Component: frontend
Version: unspecified
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Pavel Raiskup
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-06-21 12:34 UTC by Pavel Raiskup
Modified: 2018-09-20 19:07 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2018-09-19 12:01:15 UTC
Embargoed:


Attachments (Terms of Use)
cloud-init YAML sample that installs RH CA (4.29 KB, text/plain)
2018-09-20 19:07 UTC, Ken Dreyer (Red Hat)
no flags Details

Description Pavel Raiskup 2017-06-21 12:34:27 UTC
It is common that repofiles are needed on temporary installed virtual
machines, and it is not uncommon that the Red Hat authority is not set to
be trusted in such environment (copr's ssl certificates are signed by
Red Hat root authority).

Still, it would be nice if generated repo files worked everywhere -- which
means not requiring ssl since for internal service it is unlikely to get
ssl certificate signed by trusted external authority.

Comment 1 Michal Bocek 2018-01-03 17:45:14 UTC
Another option to consider is to add sslverify=0 to the .repo files and leave the https in the URL.

Comment 2 Pavel Raiskup 2018-09-19 08:56:37 UTC
Upstream proposal:
https://pagure.io/copr/copr/pull-request/410

Comment 3 Pavel Raiskup 2018-09-19 12:01:15 UTC
Downstream patched for now.  And later we'll update to PR 410 (whatever
there will be).

Comment 4 Ken Dreyer (Red Hat) 2018-09-20 19:07:15 UTC
Created attachment 1485267 [details]
cloud-init YAML sample that installs RH CA

Kind of a bummer that installing the Red Hat CA in temporary virtual machines was such a hassle. Here's the cloud-init settings that I use to install the CA on RHEL 6 and RHEL 7 nodes.


Note You need to log in before you can comment on or make changes to this bug.