pem is the container format, which is based on Base64. You'll find the self-signed one on your SF deployment here: /etc/pki/tls/certs/<fqdn>.crt You should use the same format.
Cheers, Fabien On Fri, Jan 17, 2020 at 11:42 AM Mourad Renai <[email protected]> wrote: > Hello Mr Boucher, > > > > Thanks a lot for your quick answer. > > Here are questions from our IT-Service about ssl-certificates: > > Which style the certificate must have? > > Base64? > > Binary ? > > PFX ? > > > > We already tried to setup our own certificates and ran the *sfconfig *command, > but get some errors. And till certificates configuration failed I thin we > could not activate the AD/LDAP configuration. > > > > About the theming, I will have a look on ansible-roles/templates. > > > > Thanks > > > > Cordialement, Best regards, > > > > *Mourad Renaï* > > *Principal Engineer* > > *Software Integrator* > > Engineering/Development > > *e-mail**:**[email protected] <[email protected]>* > > *Direct*: +33-1-30-17-85-39 > > *Tech Center* > > *Veoneer France SAS* > > *Address*: Rue du Petit Albi Parc SILIC > > Batiment Le Cerynie > > 95800 Cergy-Pontoise > > France > > <https://www.linkedin.com/company/18452321/> > > <https://twitter.com/Veoneer1> > > <https://www.youtube.com/channel/UCRO1uMYtcNm1pzmQly1L4nw> > > <https://www.facebook.com/Veoneer/> > > > > > > *From:* Fabien Boucher <[email protected]> > *Sent:* vendredi 17 janvier 2020 10:41 > *To:* Mourad Renai <[email protected]> > *Cc:* [email protected]; Matthias Brogies < > [email protected]>; Ludovic Martineau < > [email protected]>; Karmaidine Mougamadou < > [email protected]>; Niklas Storm < > [email protected]> > *Subject:* Re: [SF 3.3] AD/LDAP Authentication configuration support > request > > > > Hi, > > > > On Fri, Jan 17, 2020 at 9:53 AM Mourad Renai <[email protected]> > wrote: > > Hello, > > > > I’m software integrator on a software development project at Veoneer > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.veoneer.com%2F&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968662290&sdata=eHxSHnTgd98hlGSqL2e8o94PShE1ZLR9wLr%2BT4MtzfU%3D&reserved=0> > . > > We plan to setup a Continuous Integration engine based on your tool : > Software-Factory, as it groups several tools and as described in the > documentation “easy to setup”. > > We have setup initial configuration on SF v3.3 installation made on a > virtual machine with CentOS 7. > > > > Please note that the last SF version is 3.4 > https://www.softwarefactory-project.io/releases/3.4/ > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.softwarefactory-project.io%2Freleases%2F3.4%2F&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968662290&sdata=slnwrnTS4jhZJMRWmpxE%2FcKIGk2tOnISIWF7Ubsw714%3D&reserved=0> > > > > For now we only succeeded to run [*sfconfig --provision-demo*] + change our > FQDN. > > The “welcome” page is reachable, but we have a warning (in Chrome) about > certificates (error : NET::ERR_CERT_AUTHORITY_INVALID). Of course we can > procced anyway to the link : > > > > We understood that the SF server should be updates with our certificates. Our > IT service tried to do so within SF configuration, but the related document > is not enough detailed to support us > (https://softwarefactory-project.io/docs/operator/auths.html > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsoftwarefactory-project.io%2Fdocs%2Foperator%2Fauths.html&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968672286&sdata=I3rTdWaQEhrxmRnUpEdUERnXGDZIqwHZZ95Vmrhq6oE%3D&reserved=0>). > > Documentations for many others kind of authentications are more explained. > > > > So could you support us to these 2 points ? > > · Configure properly our SF server within our certificates > > > > Here, you'll find the process to setup your own certificates: > https://softwarefactory-project.io/docs/operator/configuration.html#ssl-certificates > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsoftwarefactory-project.io%2Fdocs%2Foperator%2Fconfiguration.html%23ssl-certificates&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968672286&sdata=c3aKtRpSWlDUAK78Pv53PqKzY%2BKUBvfMPwIOy2LaPPQ%3D&reserved=0> > > > > > > · Configure connection of our SF Server with our Active Directory / > LDAP > > > > We don't use this kind of authentication or are not aware of any other SF > users using it. Thus it might need some debug. You'll need to set this > configuration in sfconfig.yaml > https://softwarefactory-project.io/cgit/software-factory/sf-config/tree/defaults/sfconfig.yaml#n78 > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsoftwarefactory-project.io%2Fcgit%2Fsoftware-factory%2Fsf-config%2Ftree%2Fdefaults%2Fsfconfig.yaml%23n78&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968682276&sdata=3X4LQ3VZ8aclhQXHhYtcTVYn%2FrHr2a81f87RbOMgqKc%3D&reserved=0> > and run sfconfig command again. > > Feel free to contribute back to SF code base any fixes if needed. > > > > > > > > Another “nice to have” topic is about how to make our SF Server web pages > with our brand colors/logo ? > > I managed to update some html pages used by sf (sf/welcome.html as well as > topmenu.html or also GeritHeaderSite.html)/ > > But each time the *sfconfig* command is executed, all these updates are > overridden by default html files (I understand that all html pages are > auto-generated depending on what project/component/services are configured on > SF server). > > So is there a way to put our branding colors and logo? > > > > You might be able to make you changes directly in > /usr/share/sf-config/ansible/roles/. This directory contains the ansible > roles, files, templates used by sfconfig command. > > However, an updated of the sf-config package will overwrite your changes, > so you'll need to save you change somewhere else too. > > > > > > > > > > Thanks in advance for your support. > > > > > > Cordialement, Best regards, > > > > *Mourad Renaï* > > *Principal Engineer* > > *Software Integrator* > > Engineering/Development > > *e-mail**:**[email protected] <[email protected]>* > > *Direct*: +33-1-30-17-85-39 > > *Tech Center* > > *Veoneer France SAS* > > *Address*: Rue du Petit Albi Parc SILIC > > Batiment Le Cerynie > > 95800 Cergy-Pontoise > > France > > > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18452321%2F&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968682276&sdata=wST4SKuqWSmRRJkrBLZ7hKYuqzkeOBmoekf8a5r0%2Fm8%3D&reserved=0> > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18452321%2F&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968682276&sdata=wST4SKuqWSmRRJkrBLZ7hKYuqzkeOBmoekf8a5r0%2Fm8%3D&reserved=0> > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18452321%2F&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968682276&sdata=wST4SKuqWSmRRJkrBLZ7hKYuqzkeOBmoekf8a5r0%2Fm8%3D&reserved=0> > > > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FVeoneer1&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968692275&sdata=eig1yNDmAM%2BpNgSZSPyafX1PwdNuCtRKKrWHdqZBfWA%3D&reserved=0> > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FVeoneer1&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968692275&sdata=eig1yNDmAM%2BpNgSZSPyafX1PwdNuCtRKKrWHdqZBfWA%3D&reserved=0> > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FVeoneer1&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968692275&sdata=eig1yNDmAM%2BpNgSZSPyafX1PwdNuCtRKKrWHdqZBfWA%3D&reserved=0> > > > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCRO1uMYtcNm1pzmQly1L4nw&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968692275&sdata=WAMa3qF6u49SCz%2F%2FRFQGxpeuijY8rUhk%2Fthyq2QRrEY%3D&reserved=0> > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCRO1uMYtcNm1pzmQly1L4nw&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968692275&sdata=WAMa3qF6u49SCz%2F%2FRFQGxpeuijY8rUhk%2Fthyq2QRrEY%3D&reserved=0> > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.youtube.com%2Fchannel%2FUCRO1uMYtcNm1pzmQly1L4nw&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968692275&sdata=WAMa3qF6u49SCz%2F%2FRFQGxpeuijY8rUhk%2Fthyq2QRrEY%3D&reserved=0> > > > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2FVeoneer%2F&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968702269&sdata=VjGunjsbHTHQoUqfvS2k2qlTh1kJad0XAXkEyqorKWQ%3D&reserved=0> > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2FVeoneer%2F&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968702269&sdata=VjGunjsbHTHQoUqfvS2k2qlTh1kJad0XAXkEyqorKWQ%3D&reserved=0> > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2FVeoneer%2F&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968702269&sdata=VjGunjsbHTHQoUqfvS2k2qlTh1kJad0XAXkEyqorKWQ%3D&reserved=0> > > > > > > > *************************************************************** > Consider the environment before printing this message. > > To read the Company's Information and Confidentiality Notice, follow this > link: > http://www.veoneer.com/en/important-information-and-confidentiality-notice > <https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.veoneer.com%2Fen%2Fimportant-information-and-confidentiality-notice&data=02%7C01%7Cmourad.renai%40veoneer.com%7C57f898456b2e44a902f908d79b3171c3%7C8112232996bb41cc905365e30c689cd5%7C0%7C0%7C637148508968712262&sdata=TqVX3idntcfI8FOGx2Kwq%2FqBGD0BPoKGhrOsoh7WrWI%3D&reserved=0> > *************************************************************** > > > *************************************************************** > Consider the environment before printing this message. > > To read the Company's Information and Confidentiality Notice, follow this > link: > http://www.veoneer.com/en/important-information-and-confidentiality-notice > *************************************************************** >
_______________________________________________ Softwarefactory-dev mailing list [email protected] https://www.redhat.com/mailman/listinfo/softwarefactory-dev
