Templates on Smart-Proxy

In the Subnet settings, when setting as Templates proxy a smart proxy the template rendering will allways renders the HTTPS URL regardless of smart-proxy template settings
The rendered foreman_url(‘provision’) is alway https://smart-proxy.foreman.org:9090/
This will principally work but anaconda will not be able to verify/trust the SSL certificate so it will noch be able to download the template.
Would there be a way to update the initrd.img to include more Root CA?

Expected outcome:
Should return a URL depending on what is set in /etc/foreman-proxy/settings.d/template.yml.
Foreman and Proxy versions:

Foreman and Proxy plugin versions:

Other relevant data:
There are no error in logs since the template rendering works but doesn’t return the expected value

Any Idea?


Hello, Anaconda does not support root/server CA, you can only provide it an option to ignore server cert. There is simply no option you can provide it, you could however rebuild Anaconda initramdisk and include your CA yourself but that’s enough theory. :slight_smile:

1 Like

@lzap So we cant use Anaconda and Template Smart Proxy by default?

I’m having the same issue.

Would hard coding the foreman_url(‘provision’) to proxy endpoint work?

Anaconda (the installer) will refuse all kickstart URL connections to any HTTPS endpoint. It’s hardcoded in the software, we can’t do anything about this.