Problem:
I have installed a external smart proxy but not with the foreman-installer. I installed it manually (dnf install foreman-proxy) and add it as smart proxy to the foreman. Now i want to configure ssl on this smart proxy. For this, i generated a certificate with following command on the foreman master server:
Then, i copied the tar to the external smart proxy. The only way to deploy the Cert on the external Proxy is, to use the foreman-installer ommand like this:
foreman-installer --scenario foreman-proxy-content …
Then i installed the foreman-installer (dnf install foreman-proxy) and tried the command but i got this:
ERROR: Scenario (/etc/foreman-installer/scenarios.d/foreman-proxy-content.yaml) was not found, can not continue
So is there a way to install it without foreman-installer or how can i add this scenario to the smart proxy.
Expected outcome:
Sucsessfull deployed SSL Cert on the external Smart Proxy
Sounds like from the description, that you have installed Foreman w/ Katello on the main server. First, installing a smart-proxy when Katello is present without using the foreman-proxy-content scenario with the installer is an untested/unsupported configuration. We do not know what behavior you may encounter.
That being said, you can likely take the certificate tarball, and crack it open, and grab the certificates that are need for the smart-proxy from inside and manually place them. No guarantees but here is my off the cuff idea of how you’d do that:
The certificates you’ll want from it are labeled:
${hostname}-foreman-proxy-client: used for talking to Foreman
${hostname}-foreman-proxy: used as the server certificates
You will also need the CA certificate.
You can then place them, for example, in these locations:
I have recently also had a use-case where I needed to install a Proxy without content on a smart-proxy for a Katello server. Here is what I did what worked for me:
In case there is no specific reason why you are installing a smart-proxy that way, I would recommend to install foreman-installer-katello RPM (which contains the smart-proxy-content scenario) and redo the smart-proxy setup from scratch with the proper installer commands.
As already mentioned, installing a smart-proxy in the way you are doing is untested or at least undocumented and may lead to a lot of headache.