----- Original Message ----- > From: "Randy Barlow" <[email protected]> > To: "Eric Helms" <[email protected]> > Cc: "Jeremy Cline" <[email protected]>, [email protected] > Sent: Wednesday, February 3, 2016 9:46:20 AM > Subject: Re: [Pulp-list] Pulp 2.6 vs 2.8 event notifier question > > On Wed, Feb 03, 2016 at 09:40:09AM -0500, Eric Helms wrote: > > Not to be argumentative, but that seems like a cop out. I would think as a > > user I should be able to provide you with the CA certificate that should > > be used for verification for a given event notification. I realize this is > > a deprecated feature and my intent is not to incur more work. However, I > > do find value in having the right solution in place. > > Isn't it the case that Katello is not in this situation? I.e., Katello > has the power to install the ca trust for the call back? Also, it > doesn't make sense to use https:// if you don't want trust to happen. > TLS is for two things: trust and privacy, and you can't have privacy > without trust.
Katello isn't - but I never said I was arguing for Katello's specific deployment scenario. I am looking at this from the general use case. If there is a Pulp installed over on Server A, and I have access to use it via the CLI or API and want to set up an event notifier to hit my box running on Server B that is running via HTTPS I cannot, at present, do this because I have to implant my server CA certificate on Server A which I may not have control over. Unless I am missing something fundamental to this workflow? Eric > > -- > Randy Barlow > irc: bowlofeggs > _______________________________________________ Pulp-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-list
