[PUP-2826] http report plugin uses wrong cert store for report upload over https - Puppet Jira Server

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Normal
Resolution: Duplicate
Affects Version/s: PUP 3.2.4
Fix Version/s: None
Component/s: None
Labels:
- https
- puppet
- reports
Environment:

Everywhere

Description

It seams that the http.rb plugin uses the same classes to get a HTTP connection puppet usually uses to talk to the master, configured with puppets own cert store.

There may be cases where the https endpoint uses a certificate signed by the puppet CA. However in the case of the Dashboard or similar endpoints it uses a web interface which is usually protected by a cert signed by an official or a company internal CA which is also recognized by the browser.

I copied and renamed the http plugin (I renamed it to https and deliver
it with pluginsync) and simply use the default cert locations, which
lets puppet successfully report over HTTPS now:

https://github.com/ZeroPointEnergy/puppet-https-reports.git

Attachments

Issue Links

duplicates

PUP-5069 Puppet's HTTP API does not allow callers to trust system cacerts

Resolved

Activity

People

Assignee:: Unassigned

Reporter:: zeropointenergy

QA Contact:: Kurt Wall

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2014/06/24 1:35 AM

Updated:: 2019/04/04 10:31 PM

Resolved:: 2017/05/16 11:41 AM