yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #80070
[Bug 1517180] Re: No support for adding custom certificate chains
** Changed in: maas
Status: Invalid => New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to cloud-init.
https://bugs.launchpad.net/bugs/1517180
Title:
No support for adding custom certificate chains
Status in cloud-init:
Triaged
Status in curtin:
Triaged
Status in MAAS:
New
Bug description:
In a MAAS behind a proxy that uses a self-signed certificate, when
machines provisioned using maas attempt to contact e.g.
https://entropy.ubuntu.com, they fail to validate the cert chain and
fail.
Suggested solution borrowed from an email from kirkland:
On the MAAS administrative configuration page, we should add a small
section where the MAAS admin can copy/paste/edit any certificate
chains that they want to add to machines provisioned by MAAS. These
certs should then be inserted into /etc/ssl/certs by cloud-init or
curtin on initial install (depending on the earliest point at which
the cert might be needed).
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-init/+bug/1517180/+subscriptions