Add cname support by ehelms · Pull Request #304 · theforeman/foremanctl

ehelms · 2025-11-14T13:18:27Z

This includes #294

This aims to add cname support to the default set of certificates, which is functionality foreman-installer allowed.

ehelms · 2025-12-05T16:51:55Z

Rebased

docs/certificates.md

src/playbooks/deploy/metadata.obsah.yaml

evgeni · 2026-03-06T07:39:41Z

src/roles/certificates/tasks/issue.yml

      -key "{{ certificates_ca_directory_keys }}/{{ certificates_hostname }}.key"
      -subj "/CN={{ certificates_hostname }}"
-      -addext "subjectAltName = DNS:{{ certificates_hostname }}"
+      -addext "subjectAltName = DNS:{{ certificates_hostname }}{% for cname in certificates_cnames %},DNS:{{ cname }}{% endfor %}"


quite unrelated to this particular PR, I realized we do not regenerate the cert if any of its properties change. should we?

Aye, tracking -- #401

Signed-off-by: Eric D. Helms <[email protected]>

ehelms force-pushed the add-cname-support branch 2 times, most recently from ed3ede4 to 640e718 Compare December 5, 2025 16:51

ehelms force-pushed the add-cname-support branch from 640e718 to e3d2e24 Compare January 31, 2026 20:55

ehelms force-pushed the add-cname-support branch from e3d2e24 to 841ee07 Compare March 5, 2026 21:43

evgeni reviewed Mar 6, 2026

View reviewed changes

docs/certificates.md Show resolved Hide resolved

evgeni reviewed Mar 6, 2026

View reviewed changes

src/playbooks/deploy/metadata.obsah.yaml Show resolved Hide resolved

evgeni reviewed Mar 6, 2026

View reviewed changes

src/playbooks/deploy/metadata.obsah.yaml Outdated Show resolved Hide resolved

evgeni reviewed Mar 6, 2026

View reviewed changes

evgeni requested changes Mar 6, 2026

View reviewed changes

pr-processor bot added the Waiting on contributor label Mar 6, 2026

Add cname support for certificates

96c1991

Signed-off-by: Eric D. Helms <[email protected]>

ehelms force-pushed the add-cname-support branch from 841ee07 to 96c1991 Compare March 6, 2026 21:37

pr-processor bot added Needs re-review and removed Waiting on contributor labels Mar 6, 2026

evgeni approved these changes Mar 9, 2026

View reviewed changes

pr-processor bot removed the Needs re-review label Mar 9, 2026

evgeni merged commit f7feb4c into theforeman:master Mar 9, 2026
11 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add cname support#304

Add cname support#304
evgeni merged 1 commit intotheforeman:masterfrom
ehelms:add-cname-support

ehelms commented Nov 14, 2025

Uh oh!

ehelms commented Dec 5, 2025

Uh oh!

Uh oh!

Uh oh!

Uh oh!

evgeni Mar 6, 2026

Uh oh!

ehelms Mar 6, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

ehelms commented Nov 14, 2025

Uh oh!

ehelms commented Dec 5, 2025

Uh oh!

Uh oh!

Uh oh!

Uh oh!

evgeni Mar 6, 2026

Choose a reason for hiding this comment

Uh oh!

ehelms Mar 6, 2026

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants