A Custom SSL port for Munki, and the corresponding client-side Setting

There may be - in some hopefully rare and unique circumstances, AKA edge-cases, where you want to have your Munki server listening on a custom port (here's looking at you, Filemaker Server 18), and want to know how to get an associated client talking to said server.

This raises some potential concerns, and quite probably should not be used for any public-facing server, there is of course nothing whatsoever to be gained in terms of (would-be) "security" to be using a non-standard port. Still, there may be a need to do so for a private, (possibly) internal-only setup.

It's far beyond the scope of this post, but one way to go - server-side - is to install Nginx, set it to listen on your custom port (eg 8443), and then on the clients, adjust their Repo setting accordingly. For example:

sudo defaults write /Library/Preferences/ManagedInstalls.plist SoftwareRepoURL "http://server.company.com:8080/munki_repo"

You might also want to have such a setting put in place (or enforced) via MDM, and/or your client management tools of choice - be it Salt, Ansible or otherwise.



Published Jan 15, 2020 by David Haines,

coresolutiongroup.com

(413) 584-5115

Background header image for this piece by Goran Ivos on Unsplash