Task #1970
closedremove some ssl settings from server.conf
0%
Description
These settings should be removed from the "[security]" section of /etc/pulp/server.conf in the next X release of pulp:
cacert
cakey
ssl_ca_certificate
"cacert" and "cakey" are only used by pulp to sign client certs for use with the REST API. The common case is to use them during the "login" operation. The user should never need to change this cert or key, so pulp can just generate them without it being configurable.
"ssl_ca_certificate" is only known at this point to be used for finding the CA that should be installed on a consumer, and setup for yum to use when accessing content. That entire feature set is going away in pulp 3.0.
This was discussed just now in a TLS debrief from rbarlow.
Updated by bmbouter about 5 years ago
- Status changed from NEW to CLOSED - WONTFIX
Updated by bmbouter about 5 years ago
Pulp 2 is approaching maintenance mode, and this Pulp 2 ticket is not being actively worked on. As such, it is being closed as WONTFIX. Pulp 2 is still accepting contributions though, so if you want to contribute a fix for this ticket, please reopen or comment on it. If you don't have permissions to reopen this ticket, or you want to discuss an issue, please reach out via the developer mailing list.