Details

    • Type: Bug
    • Status: Ready for Engineering
    • Priority: Normal
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
    • Template:

      Description

      puppet cert -r should trigger apache to reload certificate csr. If we don't restart pe-httpd it will still allow connectivity from the revoked cert.

      [root@localhost ssl]# puppet agent --server=puppetmaster.localdomain -t
      info: Retrieving plugin
      info: Caching catalog for puppetagent.localdomain
      info: Applying configuration version '1310576987'
      notice: Finished catalog run in 0.04 seconds
      [root@localhost ssl]# service pe-httpd restart
      Stopping pe-httpd: [ OK ]
      Starting pe-httpd: [ OK ]
      [root@localhost ssl]# puppet agent --server=puppetmaster.localdomain -t
      info: Retrieving plugin
      err: /File[/var/opt/lib/pe-puppet/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert certificate revoked
      err: /File[/var/opt/lib/pe-puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert certificate revoked Could not retrieve file metadata for puppet://puppetmaster.localdomain/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert certificate revoked
      err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert certificate revoked
      warning: Not using cache on failed catalog
      err: Could not retrieve catalog; skipping run
      err: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert certificate revoked

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                redmine.exporter redmine.exporter
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:

                  Zendesk Support