Document URL: https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html-single/installing_satellite_server_in_a_connected_network_environment/index#deploying-a-custom-ssl-certificate-to-hosts_satellite Section Number and Name: Section 4.13.3, “Deploying a Custom SSL Certificate to Hosts” Describe the issue: Update the doc with the correct steps on how to update client certs post updating custom certs on the satellite as the katello-ca-consumer package is deprecated[1] [1] 1.6. Deprecated Functionality https://access.redhat.com/documentation/en-us/red_hat_satellite/6.13/html-single/release_notes/index#ref_deprecated-functionality_assembly_introducing-red-hat-satellite Suggestions for improvement: Pls check with the Engineering team and update the doc with the correct steps on how to update client certs post updating custom certs on the satellite. Additional information:
Hello, Many thanks for bringing this to our awareness. Updates about progress on the implementation of the fix will be shared in this ticket. Thank you!
Product BZs are already raised by me earlier around the same topic: 2124052 – As usage of katello-ca-consumer rpm has been deprecated, the capsule-certs-generate command should suggest alternate approach during SSL cert installation\renewal https://bugzilla.redhat.com/show_bug.cgi?id=2124052 2185634 – [RFE] Alternate method of katello-ca-cosumer to populate SSL certs on client systems https://bugzilla.redhat.com/show_bug.cgi?id=2185634 Since we don't have any other options present yet, Can we do this on the client systems, instead of installing katello-ca-consumer rpm or it has some downsides ? # curl http://<satellite-or-capsule-fqdn>/pub/katello-rhsm-consumer | bash
Link to the PR: https://github.com/theforeman/foreman-documentation/pull/2287