On 08/27/2014 10:07 AM, Sean Waite wrote: > If you read the release notes > (http://pulp-user-guide.readthedocs.org/en/latest/release-notes/2.4.x.html), > you'll see that with the self-signed certs, you'll need to set > verify_ssl to False in the admin.conf and others.
I'd like to add that verify_ssl should only be set to False when you are confident that it will not be a security risk for you. When verify_ssl is set to False, you lose a lot of the benefit of SSL and become vulnerable to MITM attacks and other creative vectors. If you aren't sure, make sure to keep it set to True and use real signed certificates with your Apache server that is running Pulp. Koen, the specific issue you are running into is that 2.4.0 introduced some new settings for that and other files, and those settings must be present. admin.conf doesn't have an .rpmnew file (this is also mentioned in the release notes), but please check all .rpmnew files under /etc/pulp, and make sure you have included any other new settings that have been introduced in this release. Our resident jortel has introduced a change for a future Pulp release that will fix our configuration system so that new settings will have sane defaults when they are not specified in config files so that we can avoid this trouble in future releases.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pulp-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-list
