I’m preparing foreman installation and configuration with puppet. I have some issues with SSL connection between smart proxies and foreman. I would like to register proxies automatically in Foreman server. So, the main issue is with parameter $register_in_forman => true
I’m trying to use different certificates for proxies registration and different for ssl domain but it seems to not working.
I set the following params:
$foreman_url => ‘https://foreman.internal.com’ (I have DigiCert certificate for this domain)
$server_ssl_ca => path to DigiCert CA file
$server_ssl_chain => path to DigiCert CA file
$server_ssl_cert => path to DigiCert domain certificate
$server_ssl_key => path to DigiCert private key for domain
$client_ssl_ca => path to Puppet CA file
$client_ssl_cert => path to Puppet cert file
$client_ssl_key => path to Puppet key file
According to Foreman’s manual, proxies should verify themselves with Puppet’s CA in the configuration like above. Unfortunately, when I run ‘puppet agent -t’ command I get the error “certificate verify failed”.
It works perfectly fine when I put as a server certificates Puppet files.