Le mercredi 06 avril 2011 à 17:26 +0200, RaphaÃl De GIUSTI a Ãcrit : > Hello everyone, > > > I have secured a yum repository with SSL. The client has to be > authenticated to access that repository (client cert must be signed by > my CA). > I have packages in the %packages section of my kickstart that are in > that protected repo. > > > Of course, I could set this up in the %post section, but I need the > packages to be available in the %package section. > > > So, my idea was, in the %pre section of my kickstart, to : > - generate a SSL certificate, > - send it to the "repo server", > - make it signed by the CA, > - get it back, > - setup the .repo file with appropriate parameters Hi RaphaÃl, What is your aim here ? For RPM distribution using SSL, you should consider Red Hat Network Satellite. If for simple "security" reasons (please define those), you should be done solely using GPG signing, to check the origin of the packages against known keys. Regards, J. -- JÃrÃme Fenal, RHCE Tel.: +33 1 41 91 23 37 Solutions Architect Mob.: +33 6 88 06 51 15 Architecte Solutions Fax.: +33 1 41 91 23 32 http://www.fr.redhat.com/ jfenal@xxxxxxxxxx Red Hat France SARL Siret n 421 199 464 00064 Le Linea, 1 rue du GÃnÃral Leclerc 92047 Paris La DÃfense Cedex Red Hat Summit, JBoss World 2011 http://www.redhat.com/summit/ Red Hat Partner Summit http://www.europe.redhat.com/mktg/partnersummit/2011/ _______________________________________________ Kickstart-list mailing list Kickstart-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/kickstart-list
