-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
6.14.1
-
Rocket
-
1
-
False
-
Important
-
sat-rocket
-
None
-
None
-
None
-
None
-
No
Document URL:
https://access.redhat.com/documentation/en-
us/red_hat_satellite/6.14/html/installing_capsule_server/installing-capsule-server#creating-a-custom-ssl-certificate_capsule
Section Number and Name:
2.6.2.1. Creating a Custom SSL Certificate for Capsule Server
Describe the issue:
On a capsule installation doc, we mentioned :
On Satellite Server, create a custom certificate for your Capsule Server.
Suggestions for improvement:
The accurate statement should indeed be that each external Capsule Server should have its own Certificate Signing Request (CSR) and private key generated. Each Capsule Server should obtain a unique set of certificates to establish secure communication.
To provide more clarity, the correct procedure is to create a custom certificate for each external Capsule Server by generating a distinct CSR and private key for each Capsule.
Additional information:
2.6.2.2. Deploying a Custom SSL Certificate to Capsule Server
we can add the below note before generating or performing # katello-certs-check
Once you have obtained the server certificate, private key, and CA chain from the Certificate Authority (CA) for each Capsule Server, you should organize these files into separate directories named after each Capsule Server on your Satellite Server.