Uploaded image for project: 'Satellite'
  1. Satellite
  2. SAT-40005

Make certificate management transparent when running the Satellite MCP server

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • 6.18.0
    • Documentation
    • None
    • False
    • sat-endeavour
    • None
    • None
    • None
    • None

      Problem Statement

      The MCP server makes RESTful API calls to the Satellite server via SSL encrypted HTTP requests. In many Satellite environments, self-signed SSL certificates are used to encrypt the HTTP requests. In order to utilize self-signed SSL certificates with the MCP server, the SSL certificates must be imported and trusted by the host serving the MCP server container. 

      This process of importing and trusting the SSL certificates is difficult to perform and is difficult to document since there are many possible configurations available. 

      User Experience & Workflow

      We should take this opportunity to prescribe a simple solution to enabling a frictionless installation experience. Regardless of the chosen configuration, the import and trust of SSL certificates should not require user interaction. 

      An example workflow:

      1. Configure the MCP server to use a specific Satellite server.
      2. Run the MCP server.

      Here's how I got the MCP server working.

      Requirements

       

      Business Impact

      The Satellite MCP server is a very powerful tool to help users manage their RHEL systems. If we reduce the friction of installing and configuring the MCP server, we make it easier for users to become satellite power users. 

              Unassigned Unassigned
              myee@redhat.com Matthew Yee
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: