[Pulp-list] Pulp 2.6 vs 2.8 event notifier question

Michael Hrivnak mhrivnak at redhat.com
Thu Feb 4 12:56:04 UTC 2016


On Wed, Feb 3, 2016 at 9:36 PM, Jeremy Cline <jcline at redhat.com> wrote:

>
> Is there any reason to be configuring an event listener to POST to a
> URL over HTTPS when you expressly *don't* want to be secure?
>
>
Good point, although at the moment I suspect it's an issue of convenience.
If an app like katello does not care about security of this particular
communication, it is best to expose an http endpoint without SSL. However
we can appreciate that having to expose only one API endpoint that way
while the rest of an app's API is only served with SSL introduces new
complexities in their deployment model. It is likely to be simpler on the
whole to add a setting to the notifier that optionally disables the check,
so users don't have to change their apps to use pulp 2.8.

More generally, for testing deployments or proofs-of-concept, where SSL is
desired but legit certs are not worth procuring, it may be reasonable to
use https without verification. This is the general use case for why most
http clients support an option to disable cert verification.

Michael
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pulp-list/attachments/20160204/548975f4/attachment.htm>


More information about the Pulp-list mailing list