Hi,
I just noticed that the forman plugins are not GPG signed, and I'm not able
to access the provided yum repo via https, it's running in a timeout.
( https://yum.theforeman.org/plugins/1.9/el6/x86_64/ )
It's possible to sign the foreman plugins, or at least to provide a SSL
protected yum repo ?
Cheers, Sandro
+1
Hi,
I just noticed that the forman plugins are not GPG signed, and I’m not
able to access the provided yum repo via https, it’s running in a timeout.
( https://yum.theforeman.org/plugins/1.9/el6/x86_64/ )It’s possible to sign the foreman plugins, or at least to provide a SSL
protected yum repo ?Cheers, Sandro
–
You received this message because you are subscribed to the Google Groups
"Foreman users" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
–
Kind regards,
Vladimir.
It needs some work to automate signing for plugins on our Jenkins
infrastructure, since we only sign releases via a manual process at the
moment (and wouldn't want to start doing this for every plugin release).
I'll see if I can get to this soon.
Bug #4788: Plugin rpms not signed - Packaging - Foreman tracks it, for the record.
Offering SSL would be good too, but we'd need to source an SSL wildcard
certificate so all of our subdomains benefit. GlobalSign used to offer
wildcard certs for projects but I think this has changed - I'm not sure
how else we'd procure one, unless somebody's willing to donate this on a
regular basis.
–
Dominic Cleal
dominic@cleal.org
> > Hi,
> >
> > I just noticed that the forman plugins are not GPG signed, and I'm not
> > able to access the provided yum repo via https, it's running in a timeout.
> > ( https://yum.theforeman.org/plugins/1.9/el6/x86_64/ )
> >
> > It's possible to sign the foreman plugins, or at least to provide a SSL
> > protected yum repo ?
>
> It needs some work to automate signing for plugins on our Jenkins
> infrastructure, since we only sign releases via a manual process at the
> moment (and wouldn't want to start doing this for every plugin release).
> I'll see if I can get to this soon.
>
> Bug #4788: Plugin rpms not signed - Packaging - Foreman tracks it, for the record.
>
> Offering SSL would be good too, but we'd need to source an SSL wildcard
> certificate so all of our subdomains benefit. GlobalSign used to offer
> wildcard certs for projects but I think this has changed - I'm not sure
> how else we'd procure one, unless somebody's willing to donate this on a
> regular basis.
Maybe https://letsencrypt.org/ when its available later this year would
be an idea.
–
Dominic Cleal
dominic@cleal.org–
You received this message because you are subscribed to the Google Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
–
Best Regards,
Stephen Benjamin
Red Hat Engineering
> > > Hi,
> > >
> > > I just noticed that the forman plugins are not GPG signed, and I'm not
> > > able to access the provided yum repo via https, it's running in a timeout.
> > > ( https://yum.theforeman.org/plugins/1.9/el6/x86_64/ )
> > >
> > > It's possible to sign the foreman plugins, or at least to provide a SSL
> > > protected yum repo ?
> >
> > It needs some work to automate signing for plugins on our Jenkins
> > infrastructure, since we only sign releases via a manual process at the
> > moment (and wouldn't want to start doing this for every plugin release).
> > I'll see if I can get to this soon.
> >
> > Bug #4788: Plugin rpms not signed - Packaging - Foreman tracks it, for the record.
> >
> > Offering SSL would be good too, but we'd need to source an SSL wildcard
> > certificate so all of our subdomains benefit. GlobalSign used to offer
> > wildcard certs for projects but I think this has changed - I'm not sure
> > how else we'd procure one, unless somebody's willing to donate this on a
> > regular basis.
>
> Maybe https://letsencrypt.org/ when its available later this year would
> be an idea.
If YTFO is moved to a different IP, anyway. Wildcard certs don't appear
to be part of the initial launch.
–
Dominic Cleal
dominic@cleal.org–
You received this message because you are subscribed to the Google Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.–
Best Regards,Stephen Benjamin
Red Hat Engineering–
You received this message because you are subscribed to the Google Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send an email to foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.
–
Best Regards,
Stephen Benjamin
Red Hat Engineering
Hi Dominic,
Thank you for your reply. I checked with my employer, Puzzle ITC, and we're
able to donate a SSL Wildcard certificate for the foreman project.
Please contact my at beffa@puzzle.ch for the details.
Cheers, Sandro
Hi Sandro,
That's very kind, thank you! I'll be in touch soon.
Cheers,
On 26/10/15 09:23, Sandro Beffa wrote:
Hi Dominic,
Thank you for your reply. I checked with my employer, Puzzle ITC, and
we’re able to donate a SSL Wildcard certificate for the foreman project.
Please contact my at beffa@puzzle.ch for the details.Cheers, Sandro
On Monday, September 28, 2015 at 4:55:00 PM UTC+2, Dominic Cleal wrote:
On 25/09/15 14:49, Sandro Beffa wrote: > Hi, > > I just noticed that the forman plugins are not GPG signed, and I'm not > able to access the provided yum repo via https, it's running in a timeout. > ( https://yum.theforeman.org/plugins/1.9/el6/x86_64/ <https://yum.theforeman.org/plugins/1.9/el6/x86_64/> ) > > It's possible to sign the foreman plugins, or at least to provide a SSL > protected yum repo ? It needs some work to automate signing for plugins on our Jenkins infrastructure, since we only sign releases via a manual process at the moment (and wouldn't want to start doing this for every plugin release). I'll see if I can get to this soon. http://projects.theforeman.org/issues/4788 <http://projects.theforeman.org/issues/4788> tracks it, for the record. Offering SSL would be good too, but we'd need to source an SSL wildcard certificate so all of our subdomains benefit. GlobalSign used to offer wildcard certs for projects but I think this has changed - I'm not sure how else we'd procure one, unless somebody's willing to donate this on a regular basis. -- Dominic Cleal dom...@cleal.org <javascript:>–
You received this message because you are subscribed to the Google
Groups “Foreman users” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to foreman-users+unsubscribe@googlegroups.com
mailto:foreman-users+unsubscribe@googlegroups.com.
To post to this group, send email to foreman-users@googlegroups.com
mailto:foreman-users@googlegroups.com.
Visit this group at http://groups.google.com/group/foreman-users.
For more options, visit https://groups.google.com/d/optout.