I know there's some SElinux magic, but if you have disabled SELinux you can try a command line like this to install a new web certificate, key, and chain (intermediate certificates) and keep the puppet part working...
foreman-installer \ --foreman-server-ssl-key=/etc/pki/tls/private/foreman.example.com.key \ --puppet-server-foreman=true \ --foreman-server-ssl-cert=/etc/pki/tls/certs/foreman.example.com.crt \ --foreman-server-ssl-chain=/etc/pki/tls/certs/cachain.crt \ --foreman-server-ssl-certs-dir=/etc/pki/tls/certs \ --foreman-websockets-encrypt=true \ --foreman-websockets-ssl-key=/etc/pki/tls/private/foreman.example.com.key \ --foreman-websockets-ssl-cert=/etc/pki/tls/certs/foreman.example.com.crt \ --puppet-server-foreman=true \ --puppet-server-foreman-ssl-ca=/etc/pki/tls/certs/cachain.crt \ --foreman-proxy-foreman-ssl-ca=/etc/pki/tls/certs/cachain.crt \ --foreman-foreman-url=https://foreman.example.com -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
