Problem:
I found another entry on here about using katello-certs-check.
It looks like:
usage: /sbin/katello-certs-check -c CERT_FILE -k KEY_FILE -b CA_BUNDLE_FILE
# katello-certs-check -c system_Foreman.pem -k foreman_cert_key.pem -b RootandIssuingca.pem
Validation succeeded
To install the Katello main server with the custom certificates, run:
foreman-installer --scenario katello \
--certs-server-cert "/root/foreman_cert/system_Foreman.pem" \
--certs-server-key "/root/foreman_cert/foreman_cert_key.pem" \
--certs-server-ca-cert "/root/foreman_cert/RootandIssuingca.pem"
To update the certificates on a currently running Katello installation, run:
foreman-installer --scenario katello \
--certs-server-cert "/root/foreman_cert/system_Foreman.pem" \
--certs-server-key "/root/foreman_cert/foreman_cert_key.pem" \
--certs-server-ca-cert "/root/foreman_cert/RootandIssuingca.pem" \
--certs-update-server --certs-update-server-ca
When I try and use that minus the --scenario katello, I don’t need katello at the moment.
I get:
ERROR: Unrecognised option ‘–certs-server-cert’
I am trying to figure out what new options I should be using instead?
I see all of these:
–foreman-plugin-puppetdb-ssl-ca-file
–foreman-plugin-puppetdb-ssl-certificate
–foreman-proxy-foreman-ssl-cert
–foreman-proxy-foreman-ssl-key
–foreman-proxy-manage-puppet-group
–foreman-proxy-puppet-ssl-ca
–foreman-proxy-puppet-ssl-cert
–foreman-proxy-puppetca-cmd
–foreman-proxy-ssl-ca
–foreman-proxy-ssl-cert
–foreman-proxy-ssl-key
–foreman-proxy-plugin-chef-ssl-verify
I am mostly just trying to have the web page use https: and have the secure padlock.
Foreman and Proxy versions:
foreman-1.22.0-1.el7.noarch
foreman-proxy-1.22.0-1.el7.noarch
It seems to install and work okay without the certificates, but I would like to have them so I don’t have to keep adding an exception to my browser.
Thanks for any help or suggestion!