doc: note SSL CA requirement for kojid

kojid hosts must have the CA that signed an HTTPS topurl in the system-wide store.
2021-02-23 16:45:22 -07:00 · 2021-02-23 16:45:22 -07:00 · e4a622c67e
commit e4a622c67e
parent 083a7822d4
1 changed files with 3 additions and 0 deletions
--- a/docs/source/server_howto.rst
+++ b/docs/source/server_howto.rst
@ -1122,6 +1122,9 @@ value that you've configured for Koji clients (above)::
    # The URL for the file access
    topurl=http://koji-filesystem.example.com/kojifiles

+If the "topurl" setting uses an HTTPS URL with a cert signed by a custom CA,
+the Koji builder must trust the CA system-wide.
+
 You may change "workdir", but it may not be the same as KojiDir on the
 ``kojihub.conf`` file. It can be something under KojiDir, just not the same as
 KojiDir.