Hi Don, Pulp by default doesn't use client certificate checking, so it's very possible. Really though if you're using Pulp through Katello, this is highly dependant on how Katello is a) configuring the webservers and b) if they would allow that configuration to occur. Unfortunately I don't know either of those things. :/
Sorry I can't be of more help. -Brian On Tue, Feb 9, 2021 at 10:08 AM Don Hoover <[email protected]> wrote: > I am using pulp/katello and the way katello is setup is all "protected" > repos are shared via https and setup with client cert checking > (subscription-manager), while all "unprotected" repos are shared via > unencrypted-http but no certificate checking. > > By default katello wants to use unprotected/unencrypted http for sharing > "kickstart" repos for clients to access to boot off of during the first > phase of kickstart. Anaconda/kickstart can't use self-signed SSL certs > which I assume is what they were thinking, but https it works fine for > commercial certs. > > So I was wondering if there is a way to just disable all client cert > checking and then I can point the kickstart at the protected copy of the > repo instead. > _______________________________________________ > Pulp-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/pulp-list
_______________________________________________ Pulp-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-list
