Add Domain Controller Public Key to CLI Truststore

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

External

Internal

Relevance

EAP 7

Overview

The management interface may be protected by configuring it to require all management traffic to go over SSL/TLS. This adds an additional layer of security by preventing management traffic to travel in clear over the network. This is the procedure to enable SSL/TLS on the management interface.

However, when the management interface is protected by SSL/TLS, but without additional configuration on CLI client side, the CLI does not recognizes by default the server certificate and challenges the user to manually accept the certificate:

TODO: try non-local auth and see if this works without manual challenge.

TODO: Mention if this only happens for local authentication.