[Freeipa-devel] certmonger proxy configuration not possible ?
Alexander Bokovoy
abokovoy at redhat.com
Mon Aug 8 09:48:07 UTC 2016
On Mon, 08 Aug 2016, Marx, Peter wrote:
>I am trying this but it has no effect - as if the environment is not passed to the called helper scep-submit.
>
>In /usr/lib/systemd/certmonger.service there is already a link defined to add stuff:
>[Service]
>..
>EnvironmentFile=/etc/sysconfig/certmonger
>
>In /etc/sysconfig/certmonger I added my proxy like this:
>
>[Service]
>Environment="http_proxy=http://proxyuser:proxypassword@proxyserver:proxyport"
>
>After systemctl daemon-reload and systemctl restart certmonger my
>requests still do not get to the proxy.
>
>Commenting out the EnvironmetFile line and adding the Environment line
>directly in certmonger.service had the same result.
>
>Can somebody confirm that the proxy setting is visible to the called
>scep-submit ?
I've checked certmonger source code and while libcurl can be configured
to use proxy and proxy authentication, certmonger does not configure it
to do so. As result, environmental variables have no influence on the
use of libcurl by certmonger.
It is worth to open a ticket for certmonger to add proxy support.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list