Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-4617

puppet cert list should display long names for extensions

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: PUP 4.0.0
    • Fix Version/s: PUP 4.6.0
    • Component/s: None
    • Labels:
      None
    • Template:
    • Story Points:
      1
    • Sprint:
      Client 2016-05-18, Client 2016-06-01
    • Release Notes:
      New Feature
    • Release Notes Summary:
      cert list now displays long names for extensions

      Description

      PUP-2995 allows certificate extensions to be referenced in manifests using the short name of the extension.

      However, when executing `puppet cert print <certname>`, we print the oid as the name of the extension:

      bundle exec puppet cert print <hostname>
      ...
              X509v3 extensions:
                  Netscape Comment:
                      .(Puppet Ruby/OpenSSL Internal Certificate
                  1.3.6.1.4.1.34380.1.2.1.1:
                      ..somedata
                  1.3.6.1.4.1.34380.1.2.1.2:
      someotherdata   .
      ...
      

      Since we now have a capability to specify the mapping of oid to short and long names, it would be useful to print the long name, like is done with other "known" extensions:

       $ bundle exec puppet cert print <hostname> --trusted_oid_mapping_file oid.yaml
      ...
              X509v3 extensions:
                  Netscape Comment:
                      .(Puppet Ruby/OpenSSL Internal Certificate
                  My Long Name:
                      ..somedata
                  My Other Long Name:
      someotherdata   .
      

      This is a one line change to the cert application, and perhaps certificate too?

       $ git diff
      diff --git a/lib/puppet/application/cert.rb b/lib/puppet/application/cert.rb
      index 833840b..1453717 100644
      --- a/lib/puppet/application/cert.rb
      +++ b/lib/puppet/application/cert.rb
      @@ -230,6 +230,7 @@ Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2.0 License
           exit(Puppet.settings.print_configs ? 0 : 1) if Puppet.settings.print_configs?
       
           Puppet::SSL::Oids.register_puppet_oids
      +    Puppet::SSL::Oids.load_custom_oid_file(Puppet[:trusted_oid_mapping_file])
      

        Attachments

          Issue Links

            Activity

              jsd-sla-details-panel

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  josh Josh Cooper
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Zendesk Support