Project

General

Profile

Actions
Copy link

Bug #14916

closed

CDN url is allowed to be "https", which only works for one hostname

Added by Chris Duryee about 8 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Chris Duryee
Category:
-
Target version:
Katello 3.1.0
Difficulty:
Triaged:
Bugzilla link:
1320485
Pull request:
https://github.com/Katello/katello/pull/6016
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Katello only ships with TLS CA certs for cdn.redhat.com1. However, the CDN url edit page in the web UI allows for any HTTPS url. This causes confusion since users will put HTTPS, then later during sync, get a remote host verification error since the CA doesn't match the host.

For now, katello should only allow "http" URLs with the exception of "cdn.redhat.com". This catches TLS issues that may appear later during sync.

[1] https://github.com/Katello/katello/tree/master/ca

Actions
Copy link
 #1

Updated by The Foreman Bot about 8 years ago

  • Status changed from Assigned to Ready For Testing
  • Pull request https://github.com/Katello/katello/pull/6016 added
Actions
Copy link
 #2

Updated by Eric Helms about 8 years ago

  • translation missing: en.field_release set to 143
Actions
Copy link
 #3

Updated by Chris Duryee about 8 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions
Copy link

Also available in: Atom PDF