Original: Setting up Cockpit with a trusted SSL certificate (2019)
HTML-код
- Опубликовано: 10 июн 2024
- I did a remake of this video, as my solution didn't work in all cases. Check out the remake here, it's about both RHEL7 and RHEL8: • Remake: Setting up Coc...
Cockpit is an awesome tool to manage systems with. Even for experienced admins, it has some nice features that come in handy every now and then, like live performance metrics, just to name one.
If you're a little less familiar with Linux, the Web Console as we call our enterprise version of Cockpit in Red Hat Enterprise Linux, make your life a lot easier! You can do most common systems administration tasks through a web UI now, like configuring networking, configuring storage and keeping track of system performance. Great!
However, I hate seeing my browsers complain about untrusted SSL certificates and having to add an exception for each system that I log into. This video was made to help you prevent that, by showing how to add a trusted SSL certificate to Cockpit on RHEL7 and up.
Hope you enjoy!
Check out my accompanying blog, too: 100things.wzzrd.com 
Наука
![Latto - Sunday Service (feat. Megan Thee Stallion & Flo Milli) [Remix] (Official Video)](http://i.ytimg.com/vi/9gL0F1xIt2I/mqdefault.jpg)
Ben benieuwd om er eens mee te spelen. Binnenkort op werk maar eens rhel8 binnen halen. Dank voor de duidelijke tutorial.
Graag gedaan!
Hi, i'm new to certmonger and cockpit. How do you get the cokpit-demo.pem and .key file since they are not present at default?
I have the same problem. And yet, everyone gave a thumbs -up, which is misleading because you think there is a working solution.
Hi Johan, I see that for RHEL8 at least, my solution does seem to be imperfect. I just replayed my stuff on a fresh RHEL8 VM + IDM domain, and what I call .pem in the video should actually be .crt, it seems. On RHEL8, the certificate and it's key can be two separate files, so the sed bit isn't needed anymore.
I've put this on my list to make an updated video about.
@@Sunnyside--Up see above
Remake is up here: ruclips.net/video/W26rWtEqToc/видео.html
is it possible to add remove domain, Select php version and install ssl etc...
You mean through cockpit? Or with Ansible?
@@100thingstodowithredhatpro8 both
@@salexkorsan8790 Well, Cockpit offers a built-in terminal, so you can execute shell commands through that and Ansible can do just about everything as long as you write an appropriate playbook :)
not working for me, cockpit will regenerate the self-signed certificates every time I restart the service
systemctl stop cockpit && systemctl stop cockpit.socket && mv /etc/cockpit/ws-certs.d/0-self-signed* /backup/ && ipa-getcert request ...
@@vampirzhul8115 On RHEL8, the certificate seems to need to be called .crt and not .pem as the key and certificate files on RHEL8 are separate, and no longer concatenated. I'll update the video in the not too distant future.
Remake is up here: ruclips.net/video/W26rWtEqToc/видео.html
Hi, I was excited to find your video. First, it doesn't work with error message 'Error parsing Kerberos principal name "host/cockpit-demo.deployment6.lan": Configuration file does not specify default realm." Second, I do not understand why we had to download the certificate from your Microsoft server, whatever that means and it states that it is demo. Doesn't really look permanent. Third, just for another time when writing commands inside your terminal, it ends up to be at the veeeery bottom of the screen, when paused to type up what you typed, RUclips has its white control buttons coming right over it. I am sure there is effort involved trying to prepare a video, which I appreciate everyone undertaking, however, it is also waste of our times if the video is disorganized.
Your subject matter is not easily found on the internet, I hope you make it worthwhile. Cheers.
Remake is up here: ruclips.net/video/W26rWtEqToc/видео.html
@@100thingstodowithredhatpro8 Much appreciate you following up and pointing me towards your new video. Thank you! I will follow your instructions as soon as I get to it.
@@Sunnyside--Up Let me know how that goes!