Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1544995 - Satellite installer should enable options to allow me to secure the SSLProtocols used by Tomcat
Satellite installer should enable options to allow me to secure the SSLProtoc...
Status: CLOSED ERRATA
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Installer (Show other bugs)
Unspecified
Unspecified Unspecified
high Severity medium (vote)
: 6.3.1
: Unused
Assigned To: satellite6-bugs
Sanket Jagtap
: PrioBumpGSS, Triaged
: 1477666 (view as bug list)
Depends On:
Blocks: 1545876
  Show dependency treegraph
 
Reported: 2018-02-13 20:05 EST by Rich Jerrido
Modified: 2018-04-13 09:53 EDT (History)
9 users (show)

See Also:
Fixed In Version: katello-installer-base-3.4.5.27-1
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2018-04-13 09:29:48 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 26833 None None None 2018-04-13 09:53 EDT
Foreman Issue Tracker 22567 None None None 2018-02-13 20:07 EST
Github theforeman/puppet-candlepin/pull/96 None None None 2018-03-13 12:39 EDT
Red Hat Product Errata RHBA-2018:1126 None None None 2018-04-13 09:31 EDT

  None (edit)
Description Rich Jerrido 2018-02-13 20:05:55 EST 
Description of problem:

In the Satellite use case, the server.xml file for Tomcat is configured/managed via puppet. 

I would like the sslProtocols & sslEnabledProtocols values to be exposed as puppet parameters so that I can override them with custom hiera.
Comment 4 Tomer Brisker 2018-02-22 03:18:02 EST 
*** Bug 1477666 has been marked as a duplicate of this bug. ***
Comment 8 Sanket Jagtap 2018-03-28 05:01:24 EDT 
Build: Satellite 6.3.1 snap1


grep candlepin /etc/foreman-installer/custom-hiera.yaml
candlepin::tls_versions: ['1.2', '1.3']
[root@sgi-uv20-01 ~]# grep /etc/
Display all 273 possibilities? (y or n)
[root@sgi-uv20-01 ~]# grep ssl /etc/tomcat/server.xml 
               sslProtocols="TLSv1.2"
               sslEnabledProtocols="TLSv1.2"
[root@sgi-uv20-01 ~]# satellite-installer 
Installing             Done                                               [100%] [................................................................................................................................]
  Success!
  * Satellite is running at https://sat-host

  * To install an additional Capsule on separate machine continue by running:

      capsule-certs-generate --foreman-proxy-fqdn "$CAPSULE" --certs-tar "/root/$CAPSULE-certs.tar"

  * To upgrade an existing 6.2 Capsule to 6.3:
      Please see official documentation for steps and parameters to use when upgrading a 6.2 Capsule to 6.3.

  The full log is at /var/log/foreman-installer/satellite.log
[root@sgi-uv20-01 ~]# grep ssl /etc/tomcat/server.xml 
               sslProtocols="TLSv1.2,TLSv1.3"
               sslEnabledProtocols="TLSv1.2,TLSv1.3"
Comment 10 errata-xmlrpc 2018-04-13 09:29:48 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:1126
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.