search

theforeman / puppet-pulp

Puppet module for setting up Pulp 2 as part of Katello installation
GNU General Public License v3.0
16 stars 66 forks source link

Apache vhost for crane uses wrong certificate #340

Closed alexjfisher closed 6 years ago

alexjfisher commented 6 years ago

Given the following...

class { 'pulp':
    # ...
    https_cert     => '/etc/httpd/ssl/example.com.crt',
    https_key      => '/etc/httpd/ssl/example.com.key',
    https_chain    => '/etc/httpd/ssl/geotrust-int.crt',
    enable_crane   => $enable_crane,
}

I would expect the 05-pulp-https.conf vhost and the 03-crane.conf vhosts to use identical https certificate chains. But... 03-crane.conf sets SSLCertificateChainFile to /etc/pki/pulp/ca.crt instead of /etc/httpd/ssl/geotrust-int.crt (which 05-pulp-https.conf correctly uses).