403: [('PEM routines', '', 'no start line')]

Problem:
I have a need to access repositories via HTTPS URL. I have followed the instructions to get the certificate:

https://docs.theforeman.org/2.5/Content_Management_Guide/index-foreman-deb.html#Managing_Organizations-Browsing_Repository_Content_Using_an_Organization_Debug_Certificate

However I have got the error:

403: [('PEM routines', '', 'no start line')]

We use Chrome as a browser, not Firefox as in the docs.

I also tried curl, copying the certificate and key as instructed; there I get another error:
curl -k --cert /tmp/file.pem --key /tmp/file.key https://foreman01.net/pulp/content/Org/Library/content/dist/rhel9/9/x86_64/appstream/os/

curl: (56) OpenSSL SSL_read: error:0A000418:SSL routines::tlsv1 alert unknown ca, errno 0

Expected outcome:
I expect to see the repository content

Foreman and Proxy versions:
foreman-3.13.0-1.el9.noarch
foreman-proxy-3.13.0-1.el9.noarch
katello-4.15.0-1.el9.noarch

Foreman and Proxy plugin versions:

Distribution and version:
RHEL9.5 5.14.0-503.21.1.el9_5.x86_64

Any help appreciated.

Thanks & Regards,
Jan

Hey there!

A short sidenote first: you are on a very old documentation version that does not match your installed version. This is the one you most likely were looking for: Managing organizations and locations in Foreman

Though this is just details, not really different information.
To get it working with Chromium-based browsers (I tested it with MS Edge), you need to convert the cert, as for Firefox, to PKCS#12 (I just used XCA for that) and then import it as a personal certificate.

and then on the next page load it asks which certificate should be used:

and after that it’s able to access the ContentGuard secured paths.

Cheers, Lukas
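
An added example (not code from the thread, from Foreman or from Katello) covering the two steps discussed so far: checking that the certificate and key copied out of the Foreman UI are actually PEM, which is what OpenSSL's "PEM routines ... no start line" complains about when it finds no "-----BEGIN" marker, checking that the key belongs to the certificate (a mismatched pair is one reason a TLS client-auth handshake fails), and bundling both into a PKCS#12 file for import as a personal certificate in a Chromium-based browser, done here with openssl instead of XCA. The file names, the CERT/KEY/OUT/P12_PASS variables and the bundle password are placeholders; the sample files the script writes for its self-test are constructed and carry only PEM markers, not real credentials.

```shell
#!/bin/sh
# Added example, not from the thread or from Foreman/Katello.
# Usage with real files:  CERT=/tmp/file.pem KEY=/tmp/file.key sh debugcert.sh
# Without CERT/KEY set it runs a self-test on constructed sample files.
set -eu

# pem_has_block FILE LABEL -> 0 if FILE contains a "-----BEGIN LABEL-----" /
# "-----END LABEL-----" pair. Missing markers are what OpenSSL reports as
# "PEM routines ... no start line".
pem_has_block() {
    grep -q -- "-----BEGIN $2-----" "$1" && grep -q -- "-----END $2-----" "$1"
}

# pem_check CERT KEY -> 0 if both files look like PEM; otherwise says what is missing
pem_check() {
    rc=0
    pem_has_block "$1" CERTIFICATE \
        || { echo "$1: no CERTIFICATE block (copied without the BEGIN/END lines?)" >&2; rc=1; }
    pem_has_block "$2" "PRIVATE KEY" || pem_has_block "$2" "RSA PRIVATE KEY" \
        || { echo "$2: no PRIVATE KEY block" >&2; rc=1; }
    return "$rc"
}

# key_matches_cert CERT KEY -> 0 if the key's public half equals the certificate's public key
key_matches_cert() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey)
    key_pub=$(openssl pkey -in "$2" -pubout)
    [ "$cert_pub" = "$key_pub" ]
}

# to_pkcs12 CERT KEY OUT PASSWORD -> PKCS#12 bundle importable as a personal certificate
to_pkcs12() {
    openssl pkcs12 -export -in "$1" -inkey "$2" -out "$3" \
        -name "foreman-debug-cert" -passout "pass:$4"
    chmod 600 "$3"   # the bundle contains the private key; keep it owner-readable only
}

# make_samples DIR -> constructed files for the self-test (markers only, no real key material)
make_samples() {
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'MIIB...constructed...' \
        '-----END CERTIFICATE-----' > "$1/good.pem"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'MIIE...constructed...' \
        '-----END RSA PRIVATE KEY-----' > "$1/good.key"
    # the failure case: base64 body pasted without its BEGIN/END lines
    printf '%s\n' 'MIIB...constructed...' > "$1/bad.pem"
}

if [ -n "${CERT:-}" ] && [ -n "${KEY:-}" ]; then
    pem_check "$CERT" "$KEY"
    key_matches_cert "$CERT" "$KEY" \
        || { echo "private key does not belong to the certificate" >&2; exit 1; }
    to_pkcs12 "$CERT" "$KEY" "${OUT:-foreman-debug.p12}" "${P12_PASS:-changeit}"
    echo "wrote ${OUT:-foreman-debug.p12}; import it under the browser's personal certificates"
else
    tmp=$(mktemp -d); trap 'rm -rf "$tmp"' EXIT
    make_samples "$tmp"
    pem_check "$tmp/good.pem" "$tmp/good.key" && echo "self-test: PEM sample accepted"
    if pem_check "$tmp/bad.pem" "$tmp/good.key" 2>/dev/null; then exit 1; fi
    echo "self-test: sample without BEGIN marker rejected (this is the 'no start line' case)"
fi
```

After importing the .p12 file, the browser prompts for the certificate on the next load of a ContentGuard-protected path; the same PEM pair that passes these checks is what curl's --cert and --key options expect.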

Hello Lukas,
many thanks for your reply. I followed the instructions to the letter (I hope I did), but unfortunately all I get is:


I am still not sure what is wrong or what I am doing wrong.

Regards, Jan

The / at the end after the content is very important if you want to see your organizations :slight_smile: (or basically every sub-page that lists things).

Hello Lukas,

thanks a lot for the helping hand. It works now; however, I cannot browse the protected content without knowing the complete URL of the repo. I have to enter the complete URL to get access to the repositories. Is there another trick? What am I overlooking?

Thanks and Regards!
Jan

Hi again!

Same for me :slight_smile:
There is at least a good option to guess it if it is not visible. If you look in the config details of the base repos (Products → Product → Repository), these show the link; the only ones you will have to guess are the others, and if you reach the root directory of the repo it will show everything browsable below it again.
For the paths in CVs, well yeah, these you really need to guess, but it's basically just replacing the uppermost path part with what's needed to find the repo in the CV (like /pulp/content/<org-label>/Library/custom/<product-label>/<repo-label>/ → /pulp/content/<org-label>/<le-label>/<cv-label>/custom/custom/<product-label>/<repo-label>/).
Hope that helps!

Cheers, Lukas

Guys! As this has been working nicely for me now, I stumbled over a new problem. While the primary DNS name of our Foreman server is a very long URL, and it works just fine, users are requesting this to work with a CNAME DNS name. Is this possible? So far I did not find an option, nor is it working for me transparently.

Appreciate any hint…

Regards,
Jan


As far as I know the whole system is designed around having one primary hostname all around. Though it should theoretically work to hook a reverse proxy in front with another name and URL rewriting (especially for the repo (pulp) part, which is indicated in the load balancer documentation).

That said, as this is a new topic, if you want to have more exposure to that, it would be better to ask this in a new thread.

Thanks a lot for your response.

I have managed to edit the certificate in Chrome and it works fine within a browser.

I will open a new thread to check if someone has experience with "modifying" the certificate to add a CNAME URL into it, or any other alternative, as users need to use it with curl.

Regards
Jan
