Add Domain Controller Public Key to CLI Truststore: Difference between revisions

From NovaOrdis Knowledge Base
Line 13: Line 13:
=Overview=
=Overview=


The management interface may be protected by configuring it to require all management traffic to go over SSL/TLS. This adds an additional layer of security by preventing management traffic to travel in clear over the network. This is the procedure to enable SSL/TLS on the management interface. However, when this configuration is enabled, and without additional configuration on CLI client side, the CLI does not recognizes by default the server certificate and
The management interface may be protected by configuring it to require all management traffic to go over SSL/TLS. This adds an additional layer of security by preventing management traffic to travel in clear over the network. This is the procedure to enable SSL/TLS on the management interface.  
 
However, when the management interface is protected by SSL/TLS, but without additional configuration on CLI client side, the CLI does not recognizes by default the server certificate and challenges the user to manually accept the certificate:
 
<font color=red>TODO: try non-local auth and see if this works without manual challenge.</font>
 
<font color=red>TODO: Mention if this only happens for local authentication.</font>
 
<pre>
</pre>
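Review bot: the new paragraph ending "challenges the user to manually accept the certificate:" is followed by an empty <pre></pre> block, so the sentence introduces output that is not there. Paste the CLI's actual certificate prompt into the block, or drop the colon until the prompt has been captured. The rewritten sentence also carries over "does not recognizes" from the old line and should read "does not recognize". The two red TODOs about local versus non-local authentication leave the scope of the behaviour unverified, so the sentence should be worded as an observation rather than a general rule until they are resolved.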

Revision as of 19:39, 20 March 2017

External

Internal

Relevance

EAP 7

Overview

The management interface may be protected by configuring it to require all management traffic to go over SSL/TLS. This adds a layer of security by preventing management traffic from traveling in the clear over the network. This is the procedure to enable SSL/TLS on the management interface.

However, when the management interface is protected by SSL/TLS and no additional configuration has been done on the CLI client side, the CLI does not recognize the server certificate by default and challenges the user to manually accept the certificate:

TODO: try non-local auth and see if this works without manual challenge.

TODO: Mention if this only happens for local authentication.