Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-2103

Puppet client does not update and does consult the crl during authentication

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Duplicate
    • Affects Version/s: PUP 3.4.3
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Template:

      Description

      In my tests puppet client never updates it’s /var/lib/puppet/ssl/crl.pem from the master when it changes.

      Though the CRL is initially downloaded from a CA and ‘cached’ that cache is never cleared causing multi-master setups to run with an increasingly outdated CRL.

      I think this bug is dangerous especially because the separate CA thing is new and people don’t realize, nor is it documented, that this is the current behavior.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              tlimoncelli Tom Limoncelli
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support