FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 12-30-2010, 12:42 PM
Patrik Martinsson
 
Default Anaconda rhel6 https.

Hello Everybody,



I'm curious about the ssl-verification when using an https-address for the repo-option in kickstart.

When I'm trying to use https I get the result "Peer cert cannot be verified or peer cert invalid" in the debug output from anaconda.



I know the cert is valid, but I guess it cant be verified against the CA anaconda is using ?

I noticed in later versions (>14.19-1) of anaconda the --noverifyssl flag was added which I'm pretty sure would solve my problem.



My question really boils down to,

- Can I somehow add our rootca to the CA anaconda is looking in, or make it validate our certs in some other way ?
















Patrik Martinsson

ITi



SMHI

Telefon 011-4958417 Fax 011-4958350

Mobil 011-4958417 Epost patrik.martinsson@smhi.se

601 76 Norrköping Besöksadress Folkborgsvägen 1

www.smhi.se





_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
 
Old 01-03-2011, 06:34 AM
Ales Kozumplik
 
Default Anaconda rhel6 https.

On 12/30/2010 02:42 PM, Patrik Martinsson wrote:

Hello Everybody,

I'm curious about the ssl-verification when using an https-address for
the repo-option in kickstart.
When I'm trying to use https I get the result "Peer cert cannot be
verified or peer cert invalid" in the debug output from anaconda.

I know the cert is valid, but I guess it cant be verified against the CA
anaconda is using ?
I noticed in later versions (>14.19-1) of anaconda the --noverifyssl
flag was added which I'm pretty sure would solve my problem.

My question really boils down to,
- Can I somehow add our rootca to the CA anaconda is looking in, or make
it validate our certs in some other way ?


Hi,

You can add your own CA in kickstart as Marko described here:
https://bugzilla.redhat.com/show_bug.cgi?id=599040#c0

Ales

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
 

Thread Tools




All times are GMT. The time now is 11:13 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org