Using https for ALL pulp content including discovery/kexec and kickstart

Has anyone switched to using https for everything? In particular it seems that discovery kexec is an issue when it wants to wget the kernel/initrd, and the kickstart is a problem because pulp won’t even let me turn off “serve over http” for the kickstart repos.

We are totally prohibited from using non-ssl http. So I have to figure this out somehow.

Hey, kexec uses foreman_url('provision') macro which uses unattended_url Administer - Setting - Provisioning option. Change that.

However Katello have disabled this option for some reason, I cannot remember why. Sorry to keep pinging ya, @Justin_Sherrill can you explain why this happened? Honestly, I used this option myself too.