Skip to content

Only list required v3_req parameters in openssl.conf#3700

Merged
aneta-petrova merged 3 commits intotheforeman:masterfrom
aneta-petrova:cert_minimum
Apr 11, 2025
Merged

Only list required v3_req parameters in openssl.conf#3700
aneta-petrova merged 3 commits intotheforeman:masterfrom
aneta-petrova:cert_minimum

Conversation

@aneta-petrova
Copy link
Member

@aneta-petrova aneta-petrova commented Feb 26, 2025

What changes are you introducing?

Removing selected [v3_req] parameters from example openssl.cnf.

Why are you introducing these changes? (Explanation, links to references, issues, etc.)

The current list includes parameters that are not strictly necessary. https://issues.redhat.com/browse/SAT-31112

Anything else to add? (Considerations, potential downsides, alternative solutions you have explored, etc.)

N/A

Checklists

  • I am okay with my commits getting squashed when you merge this PR.
  • I am familiar with the contributing guidelines.

Please cherry-pick my commits into:

  • Foreman 3.14/Katello 4.16
  • Foreman 3.13/Katello 4.15 (EL9 only)
  • Foreman 3.12/Katello 4.14 (Satellite 6.16)
  • Foreman 3.11/Katello 4.13 (orcharhino 6.11 on EL8 only; orcharhino 7.0 on EL8+EL9)
  • Foreman 3.10/Katello 4.12
  • Foreman 3.9/Katello 4.11 (Satellite 6.15; orcharhino 6.8/6.9/6.10)
  • Foreman 3.8/Katello 4.10
  • Foreman 3.7/Katello 4.9 (Satellite 6.14)
  • We do not accept PRs for Foreman older than 3.7.

@github-actions github-actions bot added Needs tech review Requires a review from the technical perspective Needs style review Requires a review from docs style/grammar perspective Needs testing Requires functional testing labels Feb 26, 2025
@aneta-petrova aneta-petrova removed the Needs testing Requires functional testing label Feb 26, 2025
@github-actions
Copy link

github-actions bot commented Feb 26, 2025
edited
Loading

The PR preview for 16c62a7 is available at theforeman-foreman-documentation-preview-pr-3700.surge.sh

The following output files are affected by this PR:

show diff

show diff as HTML

@aneta-petrova
Copy link
Member Author

aneta-petrova commented Feb 26, 2025

I recall @lpramuk saying that he might be willing to test this :) Can you, Lukáš? Please, let me know what you find out.

ehelms
ehelms reviewed Mar 12, 2025
View reviewed changes
@aneta-petrova aneta-petrova marked this pull request as ready for review March 12, 2025 14:36
ehelms
ehelms reviewed Mar 13, 2025
View reviewed changes
guides/common/modules/proc_creating-a-custom-ssl-certificate.adoc
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth, clientAuth, codeSigning, emailProtection
keyUsage = digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth, clientAuth
Copy link
Member

@ehelms ehelms Mar 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The testing of this uses this configuration which includes some of these (as it was following the docs): https://github.com/SatelliteQE/robottelo/blob/7306155b578f1f574f7ad07060b09fdfaa8d9e3f/tests/foreman/data/openssl.cnf#L60-L61

We should update that to match this.

@aneta-petrova
Copy link
Member Author

aneta-petrova commented Mar 13, 2025

@lpramuk might be able to test next week.

@ehelms ehelms mentioned this pull request Mar 20, 2025
Merged
@Satellite-QE Satellite-QE mentioned this pull request Apr 2, 2025
Merged
@aneta-petrova
Copy link
Member Author

aneta-petrova commented Apr 9, 2025

@lpramuk and/or @ehelms, does SatelliteQE/robottelo#17987 mean that we can merge this doc PR as well?

@aneta-petrova aneta-petrova added tech review done No issues from the technical perspective and removed Needs tech review Requires a review from the technical perspective labels Apr 11, 2025
@aneta-petrova
Copy link
Member Author

aneta-petrova commented Apr 11, 2025

Dear writers, anyone up for a style review?

maximiliankolb
maximiliankolb approved these changes Apr 11, 2025
View reviewed changes
Copy link
Contributor

@maximiliankolb maximiliankolb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM; link works

@maximiliankolb maximiliankolb added style review done No issues from docs style/grammar perspective and removed Needs style review Requires a review from docs style/grammar perspective labels Apr 11, 2025
@aneta-petrova aneta-petrova merged commit c5ad188 into theforeman:master Apr 11, 2025
9 checks passed
aneta-petrova added a commit that referenced this pull request Apr 11, 2025
@aneta-petrova
Only list required v3_req parameters in openssl.conf (#3700)
709f15d 
(cherry picked from commit c5ad188)
aneta-petrova added a commit that referenced this pull request Apr 11, 2025
@aneta-petrova
Only list required v3_req parameters in openssl.conf (#3700)
96489a3 
(cherry picked from commit c5ad188)
aneta-petrova added a commit that referenced this pull request Apr 11, 2025
@aneta-petrova
Only list required v3_req parameters in openssl.conf (#3700)
a769def 
(cherry picked from commit c5ad188)
aneta-petrova added a commit that referenced this pull request Apr 11, 2025
@aneta-petrova
Only list required v3_req parameters in openssl.conf (#3700)
9d8ae60 
(cherry picked from commit c5ad188)
aneta-petrova added a commit that referenced this pull request Apr 11, 2025
@aneta-petrova
Only list required v3_req parameters in openssl.conf (#3700)
4dd7a9d 
(cherry picked from commit c5ad188)
aneta-petrova added a commit that referenced this pull request Apr 11, 2025
@aneta-petrova
Only list required v3_req parameters in openssl.conf (#3700)
e5d099d 
(cherry picked from commit c5ad188)
aneta-petrova added a commit that referenced this pull request Apr 11, 2025
@aneta-petrova
Only list required v3_req parameters in openssl.conf (#3700)
42a973e 
(cherry picked from commit c5ad188)
aneta-petrova added a commit that referenced this pull request Apr 11, 2025
@aneta-petrova
Only list required v3_req parameters in openssl.conf (#3700)
5535745 
(cherry picked from commit c5ad188)
@aneta-petrova
Copy link
Member Author

aneta-petrova commented Apr 11, 2025

Merged to "master" and cherry-picked:

23f1d0b..5535745 3.14 -> 3.14
7c77419..42a973e 3.13 -> 3.13
98aa730..e5d099d 3.12 -> 3.12
74e17b2..4dd7a9d 3.11 -> 3.11
1eb3a2a..9d8ae60 3.10 -> 3.10
854aa95..a769def 3.9 -> 3.9
3115f6b..96489a3 3.8 -> 3.8
c715e40..709f15d 3.7 -> 3.7

@aneta-petrova aneta-petrova deleted the cert_minimum branch July 26, 2025 16:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ehelms ehelms ehelms left review comments

@ekohl ekohl ekohl approved these changes

@maximiliankolb maximiliankolb maximiliankolb approved these changes

Assignees

No one assigned

Labels

style review done No issues from docs style/grammar perspective tech review done No issues from the technical perspective

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@aneta-petrova @ekohl @ehelms @maximiliankolb