Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-1916

puppet cert clean cannot remove signing requests

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • PUP 3.4.2, PUP 3.4.3, PUP 3.6.2, PUP 3.7.3, PUP 3.7.5, PUP 4.10.6, PUP 5.0.1
    • PUP 4.10.11, PUP 5.3.5, PUP 5.4.0
    • None

    • Puppet on CentOS 6 (via puppetlabs repo), Puppet on Debian7 (via puppetlabs repo)

    • Platform Core
    • Platform Core KANBAN
    • Major
    • 4 - 50-90% of Customers
    • 2 - Annoyance
    • 5 - $$$$$$
    • Hide
      We suspect that many users have run into this based on the number of watchers and the age of this ticket. There are workarounds to sign the CSR and then clean the resulting cert but it would be much cleaner and less frustrating to allow deletion/rejection/whatever of the CSR.
      Show
      We suspect that many users have run into this based on the number of watchers and the age of this ticket. There are workarounds to sign the CSR and then clean the resulting cert but it would be much cleaner and less frustrating to allow deletion/rejection/whatever of the CSR.
    • Bug Fix
    • Fixed a bug where running `puppet cert clean` would fail to clean a certificate signing request because it would try to revoke the cert. `puppet cert clean` can now correctly clean certificate signing requests.
    • No Action
    • unit tests added to cover change

    Description

      I have a certificate signing request that I would like to get rid of with "puppet cert". However, I can only list and sign CSRs.

      Here's my log:
      [root@operations ~]# puppet --version
      3.4.2
      [root@operations ~]# puppet cert list | grep local
      "localhost.localdomain" (MD5) 12:5E:40:6B:79:84:6F:9C:51:7B:40:81:30:30:8B:F5
      [root@operations ~]# puppet cert clean localhost.localdomain
      Error: Could not find a serial number for localhost.localdomain

      A thread at puppet-users suggests this worked before, but is now broken:
      https://groups.google.com/forum/#!topic/puppet-users/gmIFG108aw0

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. PUP-2992 Puppet Cert problems with unsupported signing algorithm

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. PUP-6918 SSL - Improve CSR to local public key mismatch handling

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. PUP-8448 "puppet cert clean" only works if at least one cert has already been signed

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. SERVER-2353 puppetserver ca clean cannot remove signing requests

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Activity

            People

              eric.delaney Eric Delaney
              rbu Robert Buchholz
              Votes:
              19 Vote for this issue
              Watchers:
              30 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support