Actions
Story #6847
closed
Story #6331: [Epic] Add SSL support
As an installer user, I can configure Pulp to run with TLS enabled using self-signed certificates
Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
-
Category:
Installer - Moved to GitHub issues
Sprint/Milestone:
Start date:
Due date:
% Done:
100%
Estimated time:
Platform Release:
Groomed:
Yes
Sprint Candidate:
No
Tags:
Sprint:
Sprint 78
Quarter:
Description
Background¶
In some cases users of Pulp users want TLS and would like to have self-signed certificates. The motivation is for installations where the user doesn't have existing certs and letsencrypt certs are not an option because the the pulp host is not internet accessible.
Solution¶
Add options to the installer for the user to express their intent to have Pulp create and use self-signed TLS certificates. If provided, the installer should create self-signed certificates for the hostname of the host. The certificates should be used to configure either the Apache or Nginx configuration Pulp to run on port 443 with TLS enabled.
This option would not be enabled by default.
Actions
.
pulp_webserver: Add support for TLS configuration
Enable HTTPS by default when deploying a new pulp server. One can either specify the value of the certificate and the key. Or, if none available, can have the installer generating them.
Support has been added for both nginx and apache.
fixes #6845 https://pulp.plan.io/issues/6845 fixes #6847 https://pulp.plan.io/issues/6847
Co-Authored-By: Matthias Dellweg mdellweg@redhat.com