Uploaded image for project: 'Puppet Enterprise (moved to puppet.atlassian.net)'
  1. Puppet Enterprise (moved to puppet.atlassian.net)
  2. ENTERPRISE-843

Built in curl does not honor OS SSL library

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • PE 2015.2.3
    • None
    • Agent Installer, Modules
    • None
    • Monolithic
    • Ubuntu 14.04 (amd64)

    Description

      PE 2015.3 comes with an included curl binary located at /opt/puppetlabs/puppet/bin/curl.

      Unlike the curl binary included with the Ubuntu operating system, the one included with PE does not honor the underlying operating system's SSL library. This means that no certificate is presented to our transparent HTTPS intercept/proxy, which in turn means that any external attempts made by the included curl over HTTPS, for example to https://forge.puppetlabs.com, fail with an SSL mismatch error.

      Deleting the /opt/puppetlabs/puppet/bin/curl binary allows the one included with the OS to take over, which corrects this issue.

      Puppet should rely on the OS' curl package by default, instead of coming bundled.

      Attachments

        Activity

          People

            padmashree.koneti Padmashree Koneti
            brian.morris@sncorp.com Brian Morris
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Zendesk Support