Bug 794778 - New pulp config option ssl_ca_certificate needs to be set by katello installer
Summary: New pulp config option ssl_ca_certificate needs to be set by katello installer
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Katello
Classification: Retired
Component: Installer
Version: 2.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Lukas Zapletal
QA Contact: Katello QA List
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-02-17 15:44 UTC by James Slagle
Modified: 2012-07-17 13:09 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-07-17 13:09:43 UTC

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description James Slagle 2012-02-17 15:44:55 UTC 
There is a new pulp config option called ssl_ca_certificate in /etc/pulp/pulp.conf.  This needs to be set by the Katello installer to the full path of the CA certificate that signed the pulp server's apache SSL certificate.  The path must be readable by the apache user.

This was added to address bug #790157.

Let me know if there are any questions.
Comment 1 James Slagle 2012-02-17 15:46:26 UTC 
This change will be introduced in Pulp version 1.0.
Comment 2 Lukas Zapletal 2012-04-02 14:32:45 UTC 
Is this the same as in /etc/httpd/conf.d/pulp.conf

SSLCACertificateFile /etc/candlepin/certs/candlepin-ca.crt
Comment 3 Lukas Zapletal 2012-04-02 14:53:06 UTC 
To the [security] section, right?
Comment 4 Lukas Zapletal 2012-04-02 14:57:46 UTC 
a391b55 794778 - option ssl_ca_certificate is set for pulp V1

Note to myself - to verify access a protected repo with yum, and make sure sslverify is set in the client's yum repo file.
Comment 5 Bryan Kearney 2012-07-17 13:09:43 UTC 
Moving all community bugs with fixes to closed.
Note You need to log in before you can comment on or make changes to this bug.