Something that I think I misunderstood in the instructions was the inclusion of the following 2 lines in the foreman-installer command:
--foreman-proxy-oauth-consumer-key=oAuth_Consumer_Key \
--foreman-proxy-oauth-consumer-secret=oAuth_Consumer_Secret
I just glossed over those, thinking they were only needed if you had configured Foreman for OAuth authentication on the frontend. I ended up finding this post, Foreman-installer fails tries to open connection to server on port 443 - #5 by CluelessTechnologist, where someone had the same issue with TCP port 443 as I did, and they mentioned that you can find the oauth info in /etc/foreman/settings.yaml on the Foreman server. Once I added those to the original foreman-installer command, I started getting a different error, which was
[ERROR ] [configure] /Stage[main]/Foreman_proxy::Register/Foreman_host[foreman-proxy-fm-proxy01.mysite.com]: Could not evaluate: Exception SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain) in get request to: https://foreman.mysite.com/api/v2/hosts?search=name%3D%22fm-proxy01.mysite.com%22
This error makes sense to me at least. So I need to figure out how to trust the certificates. Is there a non-Katello process for doing this? I’m not all that familiar with generating certs.