Open pedantic-git opened 8 years ago
@Vasavisirnapalli please take a look
@pedantic-git, what kickstart config keys are you using to specify the RPMs URL? I don't see any existing key that matches your description.
Perhaps this issue is no longer valid?
@cbsiddharth It's been 5 years since I raised this issue and my memory isn't fantastic from that era!
Check out https://github.com/vmware/photon/blob/master/docs/photon_user/PXE-boot.md#optional-http-server-setup which describes how to set up an HTTP server for the RPMs and seems to still be current. I think the actual URL is specified in the ks.cfg (sample_ks.cfg) but this is all from a 5-year-old memory so might be completely wrong.
This is a two-part change. TDNF needs to support a new option (tacked by separate issue) sslverify=[true/false]
and then this option must be allowed to pass though installer kernel command line.
When running the photon installer in kickstart mode, the RPMs cannot be served from an SSL site with an untrusted SSL certificate (e.g. a self-signed certificate).
This is probably a good thing for most users, but it would be a good thing to have kernel
/proc/cmdline
option to disable SSL certificate checking for those of us who are operating in internal environments with untrusted certificates.As far as I can tell from the docs, you can disable SSL certificate checking by not passing the
cafile
parameter tourlopen()
here.