Problem:
I am trying to boot a UEFI bare metal server where the ISO and repositories reside on a server using SSL (https). I have configured BIOS booting with the “no verify ssl” flags. How do I do the same for UEFI?
Foreman and Proxy versions:
Foreman 2.1.1
Other relevant data:
I am installing CentOS 8.2
BIOS cannot boot from HTTP or HTTPS itself, do you use iPXE?
Anyway, you need to configure this in your EFI firmware.
Thanks for the prompt reply.
I am using iPXE and the PXELinux UEFI template.
Can you provide a pointer to what needs to be set in the EFI firmware to boot from SSL?
The process gets stuck on curl error 60 trying to get the install.img over https.
I don’t know the details of your setup, but we do not support HTTPS kickstarting, there’s a lot of troubles with that. Anaconda does not accept CAs, Katello does not publish kickstarts over HTTPS by default, mirrors mostly run on HTTP only.
Interesting - is this anywhere in the formal Foreman documentation?
I’m asking since I am able to get BIOS VMs to boot from a server with the ISO and repository residing on a https link. My issue is with bare metal servers using UEFI.
I am not saying it is not technically possible, we just do not ship with configuration that works out of box.
Again, I do not have enough information to comment on that. There are multiple ways how you can provision UEFI systems with Foreman.
Where do I add the parameter inst.noverifyssl tot he PXE Linux UEFI template like I did in the PCX Linux BIOS file?
To the PXE template associated with your host.