Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-3534

Deprecate caching certificate authority verify methods

    Details

    • Type: Task
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PUP 4.9.0
    • Component/s: None
    • Labels:
      None
    • Template:
    • Team:
      Agent
    • Story Points:
      1
    • Sprint:
      AP 2017-01-11, AP 2017-01-25
    • Release Notes:
      Deprecation
    • Release Notes Summary:
      Hide
      The following methods are no longer used within Puppet and have been deprecated:
      Puppet::SSL::CertificateAuthority#list_certificates
      Puppet::SSL::CertificateAuthority#certificate_is_alive?
      Puppet::SSL::CertificateAuthority#x509_store (api private)
      Show
      The following methods are no longer used within Puppet and have been deprecated: Puppet::SSL::CertificateAuthority#list_certificates Puppet::SSL::CertificateAuthority#certificate_is_alive? Puppet::SSL::CertificateAuthority#x509_store (api private)
    • QA Risk Assessment:
      No Action
    • QA Risk Assessment Reason:
      Low-risk; covered in unit testing

      Description

      Commit fa49b2dd added methods to verify a set of certificates against a cached X509Store object, which is loaded once and never again, even if new certs are revoked. The methods should be deprecated.

      Filing this as internal because it relates to PE's licensing.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                josh Josh Cooper
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Zendesk Support