Plugin does not work if Proxy has self signed SSL cerificate

[chelapurath]

For RHEL subscription there is level of security check for SSL certificate
/etc/rhsm.conf
# Set to 1 to disable certificate validation:
insecure = 0/1
even if proxy configuration are set via plugin, registration fails

[LalatenduMohanty]

@chelapurath Are you able to make it work with changing bits in /etc/rhsm.conf?

[chelapurath]

Yes, I was able to get the Registration working. It is fragile, and give me error sometimes even though the registration happened. So I do a vagrant reload once registration is completed and thus get the rest of the configuration done.

[JaredBurck]

@LalatenduMohanty @chelapurath From the CDK 2.2 Release Notes and Known Issues [1], 3.1.9. The vagrant-registration Plugin Does Not Work with Proxy and Self-Signed TLS Certificate. This looks like the known issue you have described.

[1] https://access.redhat.com/documentation/en/red-hat-container-development-kit/2.2/single/release-notes-and-known-issues/#the_literal_vagrant_registration_literal_plugin_does_not_work_with_proxy_and_self_signed_tsl_certificate

[coolbrg]

Yes @JaredBurck

[nebffa]

This plugin gets in early and we can't run a script before it to set the insecure setting, or add our own certificates to the root store. It would probably be easiest if it supported setting the insecure flag for the subscription manager.