Hi, i´ve tried many setups for the configuration, but nothing works for me. I´ve tried the playpen/certs/ example, too. My setup:
- basic pulp installation - set the cert/key/ca (ssl.conf) to a trusted ca (comodo) - generate a own ca for repo auth - create a client key/cert with the following extension and sign them > [pulp-repos] > basicConstraints=CA:FALSE > 1.3.6.1.4.1.2312.9.2.0000.1=ASN1:UTF8:yum > 1.3.6.1.4.1.2312.9.2.0000.1.1=ASN1:UTF8:Pulp > 1.3.6.1.4.1.2312.9.2.0000.1.2=ASN1:UTF8:pulp-repo-test > 1.3.6.1.4.1.2312.9.2.0000.1.6=ASN1:UTF8:pulp/repos/test/ - enable the auth (repo_auth.conf) - create a test repository and set the --auth-ca parameter to the generated ca - try to get something from the test repo > curl --cacert ./certs/Pulp_CA.cert --cert ./certs/Pulp_client.cert --key ./certs/Pulp_client.key https://%s/pulp/repos/test/ > curl: (60) Peer's certificate issuer has been marked as not trusted by the user. > curl --cacert ./certs/Pulp_CA.cert --cert ./certs/Pulp_client.cert --key ./certs/Pulp_client.key https://%s/pulp/repos/test/ -k > curl: (56) Peer does not recognize and trust the CA that issued your certificate. Does anyone can say me, where's my fallacy? Regards 2017-03-13 17:44 GMT+01:00 Rene L <[email protected]>: > Hi Guys, > > I want to protect some repositories, but just found this blog entry from > 2011: > > http://pulpproject.org/2011/05/18/pulp-protected-repositories/ > > The documentation dont works for me. Did you have any other guides for > this usecase? > > Kind regards >
_______________________________________________ Pulp-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-list
