Le mercredi 06 avril 2011 à 17:26 +0200, Raphaël De GIUSTI a écrit : > Hello everyone, > > > I have secured a yum repository with SSL. The client has to be > authenticated to access that repository (client cert must be signed by > my CA). > I have packages in the %packages section of my kickstart that are in > that protected repo. > > > Of course, I could set this up in the %post section, but I need the > packages to be available in the %package section. > > > So, my idea was, in the %pre section of my kickstart, to : > - generate a SSL certificate, > - send it to the "repo server", > - make it signed by the CA, > - get it back, > - setup the .repo file with appropriate parameters
Hi Raphaël, What is your aim here ? For RPM distribution using SSL, you should consider Red Hat Network Satellite. If for simple "security" reasons (please define those), you should be done solely using GPG signing, to check the origin of the packages against known keys. Regards, J. -- Jérôme Fenal, RHCE Tel.: +33 1 41 91 23 37 Solutions Architect Mob.: +33 6 88 06 51 15 Architecte Solutions Fax.: +33 1 41 91 23 32 http://www.fr.redhat.com/ [email protected] Red Hat France SARL Siret n° 421 199 464 00064 Le Linea, 1 rue du Général Leclerc 92047 Paris La Défense Cedex Red Hat Summit, JBoss World 2011 http://www.redhat.com/summit/ Red Hat Partner Summit http://www.europe.redhat.com/mktg/partnersummit/2011/ _______________________________________________ Kickstart-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/kickstart-list
