won't see when using the spoof URL.
> My /var/log/foreman/production.log does NOT get updated when the client
> sends a kickstart request
> my file /etc/puppet/autosign.conf has just one line in it:
> *.domain.com
> if I perform puppet cert list --all, I do have an SHA256 cert for the
> server I'm trying to kickstart (it previously had an OS and is listed in
> foreman)
>
> one possible problem that may be causing this - I have puppet, foreman,
> and foreman-proxy on the same server, and I'm using a cname for foreman.
> The fqdn is hq-puppet-01.domain.com.
> I have cnames for both foreman.domain.com and puppet.domain.com
> The URL for the foreman proxy https://hq-puppet-01.domain.com:8443
> This is the only URL that works for the foreman proxy.
> However, the foreman URL is simply foreman.domain.com
>
> Thanks!
>
>
I have decided that my apache config must be to blame. Here's my current
config for foreman, which doesn't mention port 80…
[snip]
Listen 443
NameVirtualHost *:443
LoadModule ssl_module modules/mod_ssl.so
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
<VirtualHost *:443>
ServerName foreman.domain.com
RailsAutoDetect On
DocumentRoot /usr/share/foreman/public
<Directory /usr/share/foreman/public>
Options FollowSymLinks
DirectoryIndex index.html
AllowOverride None
Order allow,deny
allow from all
</Directory>
SSLEngine On
SSLCertificateFile /var/lib/puppet/ssl/certs/hq-puppet-01.domain.com.pem
SSLCertificateKeyFile
/var/lib/puppet/ssl/private_keys/hq-puppet-01.domain.com.pem
</VirtualHost>
[snip]
I see the current version of the template is here
https://github.com/theforeman/puppet-foreman/blob/master/templates/foreman-vhost.conf.erb
I've tried to hack my config to match it, but it isn't working yet - port
80 now works, but 443 does not…
[snip]
LoadModule ssl_module modules/mod_ssl.so
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
<VirtualHost *:80>
ServerName foreman.domain.com
ServerAlias foreman
DocumentRoot /usr/share/foreman/public
PassengerAppRoot /usr/share/foreman
RailsAutoDetect On
AddDefaultCharset UTF-8
</VirtualHost>
<VirtualHost *:443>
ServerName foreman.domain.com
ServerAlias foreman
RailsAutoDetect On
DocumentRoot /usr/share/foreman/public
PassengerAppRoot /usr/share/foreman
#<Directory /usr/share/foreman/public>
#Options FollowSymLinks
#DirectoryIndex index.html
#AllowOverride None
#Order allow,deny
#allow from all
#</Directory>
SSLEngine On
#SSLCertificateFile /var/lib/puppet/ssl/certs/puppet.DOMAIN_PH.pem
#SSLCertificateKeyFile /var/lib/puppet/ssl/private_keys/puppet.DOMAIN_PH.pem
SSLCertificateFile /var/lib/puppet/ssl/certs/hq-puppet-01.domain.com.pem
SSLCertificateKeyFile
/var/lib/puppet/ssl/private_keys/hq-puppet-01.domain.com.pem
</VirtualHost>
[snip]