Fixes #36463 - Authenticate to custom cdn using product certs

[ianballou]

What are the changes introduced in this pull request?

Adds a custom_cdn_auth_enabled flag to the organizations API so that a custom cdn configuration can optionally apply product certs + keys for authentication.

Considerations taken when implementing this change?

What are the testing steps for this pull request?

1. Change the org's CDN configuration to be:

• Custom CDN
• URL: https://ru-by-exceptions.cdn.redhat.com
• SSL CA Cert: copy/paste katello/ca/redhat-uep.pem

2. Using hammer or the API: hammer organization configure-cdn --custom-cdn-auth-enabled=true --id 1 --type custom_cdn

3. Try to enable and sync a red hat repository

[theforeman-bot]

Issues: #36463

[chris1984]

Code looks fine, I was able to enable a repo after setting the custom cdn to the URL and using the cert katello/ca/redhat-uep.pem:

I am getting a sync error though:

403, message='Forbidden', url=URL('https://ru-by-exceptions.cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/sat-client/6/os')

Pulled a fresh 6.13 manifest from the customer portal that someone made so it should be current, changing back to the RH CDN I was able to enable and sync a repo like normal.

[ianballou]

@chris1984 I cannot sync content either, I wonder if it's because we do not have access by default to ru-by-exceptions (since we need an exception I guess). I'll have to ask around about how to test it.

[ianballou]

@chris1984 can you try syncing a more "mainstream" repo like RHEL 8 BaseOS? That I can sync. I wonder if there are a very limited set of repositories that can be synced using that CDN URL.

[chris1984]

That worked, was able to sync.