Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add: Reset custom SSL certificate to default self-signed #2886

Merged
merged 6 commits into from
May 16, 2024
Merged

Add: Reset custom SSL certificate to default self-signed #2886

merged 6 commits into from
May 16, 2024

Conversation

mjivraja
Copy link
Contributor

@mjivraja mjivraja commented Mar 14, 2024
edited

Documented the procedure for end-users to revert from Custom SSL to default self-signed certificate for Project, SmartProxy, and Hosts guide. This was required in the case where Custom SSL certificates were expired for Project and CA was not available to provide new signed certificates that caused business outages or production delays. Also, I fixed minor things in Deploying custom SSL certificates to hosts

https://bugzilla.redhat.com/show_bug.cgi?id=1874045

Please cherry-pick my commits into:

  • Foreman 3.10/Katello 4.12
  • Foreman 3.9/Katello 4.11 (planned Satellite 6.15)
  • Foreman 3.8/Katello 4.10
  • Foreman 3.7/Katello 4.9 (Satellite 6.14)
  • Foreman 3.6/Katello 4.8
  • Foreman 3.5/Katello 4.7 (Satellite 6.13; orcharhino 6.6/6.7)
  • Foreman 3.4/Katello 4.6 (EL8 only)
  • Foreman 3.3/Katello 4.5 on EL7 & EL8 (Satellite 6.12 on EL8 only; orcharhino 6.4/6.5 on EL8 only)
  • We do not accept PRs for Foreman older than 3.3.

@mjivraja mjivraja added the Needs tech review Requires a review from the technical perspective label Mar 14, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 14, 2024
edited

The PR preview for 1a9a2ed is available at theforeman-foreman-documentation-preview-pr-2886.surge.sh

The following output files are affected by this PR:

show diff

show diff as HTML

@mjivraja mjivraja force-pushed the Revert-from-custom-SSL-to-default-master branch 4 times, most recently from 623a99f to 3fb466d Compare March 15, 2024 06:48
maximiliankolb
maximiliankolb reviewed Mar 18, 2024
View reviewed changes
Copy link
Contributor

@maximiliankolb maximiliankolb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left some comments, I did not test the procedure myself yet.

...modules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-project.adoc Outdated Show resolved Hide resolved
...ules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-smartproxy.adoc Outdated Show resolved Hide resolved
...ules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-smartproxy.adoc Outdated Show resolved Hide resolved
...ules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-smartproxy.adoc Outdated Show resolved Hide resolved
...ules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-smartproxy.adoc Outdated Show resolved Hide resolved
...ules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-smartproxy.adoc Outdated Show resolved Hide resolved
guides/common/assembly_registering-hosts.adoc Outdated Show resolved Hide resolved
@mjivraja mjivraja force-pushed the Revert-from-custom-SSL-to-default-master branch 2 times, most recently from bab196a to 85f53e9 Compare March 21, 2024 10:43
@mjivraja mjivraja requested a review from ehelms April 10, 2024 14:55
@mjivraja mjivraja force-pushed the Revert-from-custom-SSL-to-default-master branch from 85f53e9 to c11fdce Compare April 24, 2024 12:52
maximiliankolb
maximiliankolb requested changes Apr 25, 2024
View reviewed changes
guides/common/modules/con_using-custom-ssl-certificate-for-hosts.adoc Outdated Show resolved Hide resolved
...on/modules/ref_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-hosts.adoc Outdated Show resolved Hide resolved
...ules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-smartproxy.adoc Outdated Show resolved Hide resolved
...ules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-smartproxy.adoc Outdated Show resolved Hide resolved
...ules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-smartproxy.adoc Outdated Show resolved Hide resolved
...ules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-smartproxy.adoc Outdated Show resolved Hide resolved
...modules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-project.adoc Outdated Show resolved Hide resolved
...modules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-project.adoc Outdated Show resolved Hide resolved
...modules/proc_reset-custom-ssl-certificate-to-default-self-signed-certificate-on-project.adoc Outdated Show resolved Hide resolved
@pr-processor pr-processor bot added Waiting on contributor Requires an action from the author Needs re-review and removed Waiting on contributor Requires an action from the author labels Apr 25, 2024
mjivraja and others added 6 commits April 30, 2024 11:48
@mjivraja
Add: Reset custom SSL certificate to default self-signed
df03a58 
Documented the procedure for end-users to revert from Custom SSL to
default self-signed certificate for Project, SmartProxy, and Hosts
guide. This was required in the case where Custom SSL certificate were
expired for Project and CA was not available to provide new signed
certificates that caused business outages or production delays. Also,
fixed minor things in Deploying custom SSL certificate to hosts

https://bugzilla.redhat.com/show_bug.cgi?id=1874045

Rerun GitHub Actions
@mjivraja
Fix katello-answers.yaml for orch & bette attributes
cfd6418
@mjivraja
Better use of custom attributes suggested by Max
53e0db7
@mjivraja
Revert to Global Registration for SmartProxy
d76df9d
@mjivraja @maximiliankolb
Apply direct suggestions (pushing more)
6f0dcc4 
Co-authored-by: Maximilian Kolb <mail@maximilian-kolb.de>
@mjivraja
Rename files, title and ID
1a9a2ed
@mjivraja mjivraja force-pushed the Revert-from-custom-SSL-to-default-master branch from a4d8536 to 1a9a2ed Compare April 30, 2024 06:31
maximiliankolb
maximiliankolb approved these changes May 16, 2024
View reviewed changes
Copy link
Contributor

@maximiliankolb maximiliankolb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

diff LGTM.

@maximiliankolb maximiliankolb merged commit bb8131c into theforeman:master May 16, 2024
8 checks passed
maximiliankolb pushed a commit that referenced this pull request May 16, 2024
@mjivraja @maximiliankolb
Add Reset custom SSL certificate to default self-signed (#2886)
d442759 
(cherry picked from commit bb8131c)
@maximiliankolb
Copy link
Contributor

Merged to "master" and cherry-picked to "3.10":
7bc995d..d442759 3.10 -> 3.10

@mjivraja mjivraja deleted the Revert-from-custom-SSL-to-default-master branch May 16, 2024 13:34
mjivraja added a commit to mjivraja/foreman-documentation that referenced this pull request May 16, 2024
@mjivraja
Add Reset custom SSL certificate to default self-signed (theforeman#2886
f8c8875 
)

(cherry picked from commit bb8131c)
mjivraja added a commit to mjivraja/foreman-documentation that referenced this pull request May 16, 2024
@mjivraja
Add Reset custom SSL certificate to default self-signed (theforeman#2886
f177153 
)

(cherry picked from commit bb8131c)
mjivraja added a commit to mjivraja/foreman-documentation that referenced this pull request May 16, 2024
@mjivraja
Add Reset custom SSL certificate to default self-signed (theforeman#2886
fed8744 
)

(cherry picked from commit bb8131c)
ekohl pushed a commit that referenced this pull request May 23, 2024
@mjivraja @ekohl
Add Reset custom SSL certificate to default self-signed (#2886)
9c2d60e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sayan3296 sayan3296 sayan3296 left review comments

@maximiliankolb maximiliankolb maximiliankolb approved these changes

@ehelms ehelms Awaiting requested review from ehelms

Assignees
No one assigned
Labels
Needs tech review Requires a review from the technical perspective
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@mjivraja @maximiliankolb @ehelms @sayan3296