NetSUS - SSL to deliver updates?

Question

Hi.

We have an SSL cert installed on our NetSUS appliance, which protects the management interface.  However, we would like to deliver software updates over SSL, using the NetSUS appliance.  Is this possible - I notice that when the URLs to the catalogs no longer display when you prefix them with https://

Has anyone managed to achieve this?

Thanks,

Ian

bofh · Accepted Answer

edit /etc/apache/sites-availabe/default

here a few lines you need to change

# Change port to 443
<VirtualHost the.machines.hostname:443>
# add this, change it to match the paths your ssl cert+priv key have, probably you will need some finetuning on ssl settings (SSLProtocol + SSLCiphers)
    SSLEngine on
    SSLCertificateFile      /etc/ssl/private/hostname.pem
    SSLCertificateKeyFile   /etc/ssl/private/hostname.key
    SSLCertificateChainFile /etc/ssl/private/certchain.crt
    SSLProtocol All -SSLv2 -SSLv3

and dont forget to set your clients to use https://the.machines.hostname/ instead of http://

And dont change the settings for the netboot "site", as netboot will only work with http / nfs.

flyboy · Answer

Hey @iannufc, do you have any documentation you can share on requesting and installing the Cert on the NetSUS management interface? I've installed NetSUS on a CentOS 7 VM for use in my test lab, and I'd like to add a cert from our internal PKI. Naturally, the NetSUS docs are super light and offer no instructions on how to generate the CSR, etc.

Thanks!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded