Project

Profile

Help

Issue #624

closed

/etc/httpd/conf.d/pulp.conf sets SSLCACertificateFile

Added by rbarlow about 9 years ago. Updated over 3 years ago.

Status:
CLOSED - WONTFIX
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
2.4.0
Platform Release:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Quarter:

Description

Description of problem:
/etc/httpd/conf.d/pulp.conf sets mod_ssl's SSLCACertificateFile directive. This directive is also defined in /etc/httpd/conf.d/ssl.conf, and is inappropriate for Pulp to claim in our pulp.conf namespace. Pulp does this so that it can use auto-generated client certificates with the /login/ call. Pulp relies on httpd to check client certificates against the CA defined in this directive.

We should change the /login/ call to work differently (i.e., not rely on a CA) and stop overriding this setting in our config file.

Version-Release number of selected component (if applicable):
2.4.0-1

How reproducible:
Every time.

Steps to Reproduce:
1. Is SSLCACertificateFile in /etc/httpd/conf.d/pulp.conf?

Actual results:
Yes.

Expected results:
No.

+ This bug was cloned from Bugzilla Bug #1165407 +

Also available in: Atom PDF