You can have a look at my blog as well - https://blog.dobrev.eu/blog/categories/theforeman/
You need to recreate the certs and add dns_alt_names for all the hosts that you want to reuse these certs on. On Tuesday, 29 November 2016 15:10:25 UTC, Sai Krishna wrote: > > Hi Chris, >>> >> > grep -i servername /etc/httpd/conf.d/*foreman* > /etc/httpd/conf.d/05-foreman.conf: ServerName foremandv.example.com > grep: /etc/httpd/conf.d/05-foreman.d: Is a directory > /etc/httpd/conf.d/05-foreman-ssl.conf: ServerName foremandv.example.com > grep: /etc/httpd/conf.d/05-foreman-ssl.d: Is a directory > > roothost1 [~] # grep -i SSL /etc/httpd/conf.d/*foreman* > grep: /etc/httpd/conf.d/05-foreman.d: Is a directory > /etc/httpd/conf.d/05-foreman-ssl.conf: ErrorLog > "/var/log/httpd/foreman-ssl_error_ssl.log" > /etc/httpd/conf.d/05-foreman-ssl.conf: CustomLog > "/var/log/httpd/foreman-ssl_access_ssl.log" combined > /etc/httpd/conf.d/05-foreman-ssl.conf: ## SSL directives > /etc/httpd/conf.d/05-foreman-ssl.conf: SSLEngine on > /etc/httpd/conf.d/05-foreman-ssl.conf: SSLCertificateFile > "/etc/puppetlabs/puppet/ssl/certs/foremandv.example.com.pem" > /etc/httpd/conf.d/05-foreman-ssl.conf: SSLCertificateKeyFile > "/etc/puppetlabs/puppet/ssl/private_keys/foremandv.example.com.pem" > /etc/httpd/conf.d/05-foreman-ssl.conf: SSLCertificateChainFile > "/etc/puppetlabs/puppet/ssl/certs/ca.pem" > /etc/httpd/conf.d/05-foreman-ssl.conf: SSLCACertificateFile > "/etc/puppetlabs/puppet/ssl/certs/ca.pem" > /etc/httpd/conf.d/05-foreman-ssl.conf: SSLCARevocationFile > "/etc/puppetlabs/puppet/ssl/crl.pem" > /etc/httpd/conf.d/05-foreman-ssl.conf: SSLCARevocationCheck "chain" > /etc/httpd/conf.d/05-foreman-ssl.conf: SSLVerifyClient optional > /etc/httpd/conf.d/05-foreman-ssl.conf: SSLVerifyDepth 3 > /etc/httpd/conf.d/05-foreman-ssl.conf: SSLOptions +StdEnvVars > +ExportCertData > /etc/httpd/conf.d/05-foreman-ssl.conf: Include > /etc/httpd/conf.d/05-foreman-ssl.d/*.conf > /etc/httpd/conf.d/05-foreman-ssl.conf: IncludeOptional > /etc/httpd/conf.d/05-foreman-ssl.d/*.conf > grep: /etc/httpd/conf.d/05-foreman-ssl.d: Is a directory > > Yes it rhel 7, as you said these two looks correct. > > I don't have any foreman severs, am planning to build 2 foreman(WebUI/ENC) > servers (clustered) so that both foreman runs on generic ( > https://foremandv.example.com ) so that load will be distributed to both > servers and I have existing highly available puppet setup. I want to > integrate this foreman cluster with existing puppet set up. > > Can you please guide me about the smart proxy errors, how to configure wrt > to correct CA cert. > > Thank you very much !! > > -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
