Story #6331: [Epic] Add SSL support
As an installer user, I can configure Pulp to run with TLS enabled to install/renew using letsencrypt certificates
In some cases users of Pulp users want TLS and would like to use a letsencrypt certificate.
- Configure new installations with a letsencrypt installation
- Renew letsencrypt certificates that are about to expire on existing installations (same options from the user)
Add options to the installer for the user to express their intent to have Pulp configured to use letsencrypt. If provided, the installer should create a letsencrypt certificate and configure either the Apache or Nginx configuration Pulp to run on port 443 with TLS enabled.
This cannot be enabled by default because letsencrypt can only be acquired if the Pulp host has a publicly accessible FQDN.
The same config used to configure a new install to setup a letsencrypt cert should automatically renew an existing pulp installation's letsencrypt certificate if they are within their renewal window.
Updated by email@example.com about 3 years ago
- Subject changed from As an installer user, I can configure Pulp to run with TLS enabled to install/renew using letsencry certificates to As an installer user, I can configure Pulp to run with TLS enabled to install/renew using letsencrypt certificates
Updated by Anonymous about 3 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset ansible-pulp|1bb2d242b60eaa745b8e143039e6d36ef25ad1f1.