Details
-
Bug
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
None
-
None
-
-
2
-
PCP 2016-08-10
Description
When attempting to use clj-pcp-client with a certificate file containing a certificate chain:
2016-07-29 18:01:56,678 [qtp1960321415-113] ERROR [p.p.pcp-client] Failed to connect pcp client to wss://c7dav.vm:8142/pcp/
|
clojure.lang.ExceptionInfo: throw+: {:type :puppetlabs.pxp.puppet/connection-error, :error #error {
|
:cause "The PEM stream must contain exactly 1 certificate"
|
:via
|
[{:type java.lang.IllegalArgumentException
|
:message "The PEM stream must contain exactly 1 certificate"
|
:at [com.puppetlabs.ssl_utils.SSLUtils pemToCert "SSLUtils.java" 502]}]
|
:trace
|
[[com.puppetlabs.ssl_utils.SSLUtils pemToCert "SSLUtils.java" 502]
|
[puppetlabs.ssl_utils.core$pem__GT_cert$fn__20957 invoke "core.clj" 612]
|
[puppetlabs.ssl_utils.core$pem__GT_cert invokeStatic "core.clj" 611]
|
[puppetlabs.ssl_utils.core$pem__GT_cert invoke "core.clj" 605]
|
[puppetlabs.pcp.client$eval47389$make_identity__47394$fn__47395 invoke "client.clj" 145]
|
[puppetlabs.pcp.client$eval47389$make_identity__47394 invoke "client.clj" 141]
|
[puppetlabs.pcp.client$eval47674$connect__47679$fn__47680 invoke "client.clj" 307]
|
[puppetlabs.pcp.client$eval47674$connect__47679 invoke "client.clj" 301]
|
...
|
This happens because pemToCert throws an exception if more than one cert is specified. clj-pcp-client needs to be changed to use pemToCerts and select the first (which should be the node's credentials).
Attachments
Issue Links
- relates to
-
-
- Closed
-
-
-
- Closed
-