Doc Text:
|
Doc team: Please see the discussion on doc bug 1385617. Copying the commit message text of the main patch for current bug, which explains what the patch does. As is common in git commits, this is in imperative style, not doc style. Feel free to keep content but convert style, or write your own. With this bug fixed, the change for doc bug 1385617 will be just a single small item (to restart the proxy). Commit message follows:
packaging: setup: proxy: Use apache pki instead of own
Use apache httpd key/cert/ca_cert instead of engine-ca-generated ones.
This should make it easier to use:
- If using engine-ca for apache, user most likely already approved it
in the browser when logging in, so will not have to handle again for
imageio.
- If using 3rd party CA for apache, CA cert likely already added to the
browser.
In a normal upgrade, where the user didn't touch the conf manually,
notify the user and update the proxy conf.
In an upgrade where the user changed the conf manually after setup,
create a new file with a different name and notify the user, suggesting
to check the diff and update.
In an upgrade where the user changed the conf manually after setup, but
changed it to have the content we want it to have with current patch,
only log, but still "update" the file, so that a following setup or
especially cleanup will consider the file "ok" (not changed manually).
The only case that will be broken by current patch is if a user needs,
for some reason, two different certs for the two different https
services on two different ports, on the engine machine. In a discussion
in bugzilla it was decided that this is not an issue.
|