I am trying to install AWX for development purposes / demoing, etc., internally at work, but am not able to get much working, as everything I want to communicate with is behind internally-signed SSL servers.
Is there a way to include a set of trusted certificates that would allow AWX to talk to other systems without getting all of these Peer Not Authenticated errors?
We don’t have a directly supported way to go about this. You can update the container image to add these to the certificate trust store (in /etc/pkg) and then rebuild the image for your use.
This definitely sounds like something that could be automated… if you can generalize it then send us a PR, would love to have it.
I’ll have to take a look at where this would be added. I know that for some other things in-house, I’ve been able to get by with the following two lines:
COPY additional_certs/* /etc/pki/ca-trust/source/anchors/ RUN update-ca-trust force-enable && update-ca-trust extract && update-ca-trust