Problem:
Would like to use our AD issued certificate for the foreman web interface
Expected outcome:
Trusted site with all other functionality working on the puppet side
Foreman and Proxy versions:
foreman 1.16 AIO with puppetserver 5.2.0-1xenial
Foreman and Proxy plugin versions:
Other relevant data:
I am able to add the certs to the apache2 config in /etc/apache2/sites-enabled/05-foreman-ssl.conf in the 3 fields SSLCertificateFile, SSLCertificateKeyFile and SSLCertificateChainFile. The web interface then loads as trusted as expected, but then any puppet clients fail to send reports. On the first run, i get an error that the node could not be found when running node.rb. Subsequent runs appear to run fine, but reports never make it back to foreman. This is both communicating directly to puppet on the foreman box, or via a foreman-proxy.
I followed the instructions here: Foreman :: Replacing Foreman's web SSL certificate.
which seem rather dated as the paths differ on the apache side.
I have also tried various other tweaks i found by searching, none of which helped. Any chance there is an updated doc for this process? i would think this is a rather common request. Any help is much appreciated.