Skip to content
This repository has been archived by the owner on Nov 24, 2021. It is now read-only.

Fixes #25306 - Add space after command output in kcc #706

Merged
merged 1 commit into from Oct 27, 2018
Merged

Fixes #25306 - Add space after command output in kcc #706

merged 1 commit into from Oct 27, 2018

Conversation

chris1984
Copy link
Member

Results of testing:

Katello cert:

[root@satellite1 ~]# ./katello-certs-check -b /root/ca.pem -k /root/server.key -c /root/server.crt 
Checking server certificate encoding: 
[OK]

Checking expiration of certificate: 
[OK]

Checking expiration of CA bundle: 
[OK]

Checking if server certificate has CA:TRUE flag 
[OK]

Checking to see if the private key matches the certificate: 
[OK]

Checking CA bundle against the certificate file: 
[OK]

Checking Subject Alt Name on certificate 
[OK]

Checking Key Usage extension on certificate for Key Encipherment 
[OK]

Validation succeeded


To install the Katello main server with the custom certificates, run:

    foreman-installer --scenario katello \
                      --certs-server-cert "/root/server.crt" \
                      --certs-server-key "/root/server.key" \
                      --certs-server-ca-cert "/root/ca.pem"

To update the certificates on a currently running Katello installation, run:

    foreman-installer --scenario katello \
                      --certs-server-cert "/root/server.crt" \
                      --certs-server-key "/root/server.key" \
                      --certs-server-ca-cert "/root/ca.pem" \
                      --certs-update-server --certs-update-server-ca
					  
Capsule Cert:

[root@satellite1 ~]# ./katello-certs-check -b /root/ca.pem -k /root/capsule_certs/server.key -c /root/capsule_certs/server.crt 
Checking server certificate encoding: 
[OK]

Checking expiration of certificate: 
[OK]

Checking expiration of CA bundle: 
[OK]

Checking if server certificate has CA:TRUE flag 
[OK]

Checking to see if the private key matches the certificate: 
[OK]

Checking CA bundle against the certificate file: 
[OK]

Checking Subject Alt Name on certificate 
[OK]

Checking Key Usage extension on certificate for Key Encipherment 
[OK]

Validation succeeded


  To use them inside a NEW $FOREMAN_PROXY, run this command:

      foreman-proxy-certs-generate --foreman-proxy-fqdn "$FOREMAN_PROXY" \
                                   --certs-tar  "~/$FOREMAN_PROXY-certs.tar" \
                                   --server-cert "/root/capsule_certs/server.crt" \
                                   --server-key "/root/capsule_certs/server.key" \
                                   --server-ca-cert "/root/ca.pem" \

  To use them inside an EXISTING $FOREMAN_PROXY, run this command INSTEAD:

      foreman-proxy-certs-generate --foreman-proxy-fqdn "$FOREMAN_PROXY" \
                                   --certs-tar  "~/$FOREMAN_PROXY-certs.tar" \
                                   --server-cert "/root/capsule_certs/server.crt" \
                                   --server-key "/root/capsule_certs/server.key" \
                                   --server-ca-cert "/root/ca.pem" \
                                   --certs-update-server

@chris1984 chris1984 requested a review from ehelms October 25, 2018 13:46
@theforeman-bot
Copy link

Issues: #25306

@ehelms ehelms merged commit 7314bf2 into Katello:master Oct 27, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ehelms ehelms ehelms approved these changes

Assignees
No one assigned
Labels
Not yet reviewed
Projects
None yet
Milestone
No milestone
3 participants
@chris1984 @theforeman-bot @ehelms