Details
-
Improvement
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
PUP 4.0.0
-
None
-
None
-
1
-
Client 2016-05-18, Client 2016-06-01
-
New Feature
-
cert list now displays long names for extensions
Description
PUP-2995 allows certificate extensions to be referenced in manifests using the short name of the extension.
However, when executing `puppet cert print <certname>`, we print the oid as the name of the extension:
bundle exec puppet cert print <hostname>
|
...
|
X509v3 extensions:
|
Netscape Comment:
|
.(Puppet Ruby/OpenSSL Internal Certificate
|
1.3.6.1.4.1.34380.1.2.1.1:
|
..somedata
|
1.3.6.1.4.1.34380.1.2.1.2:
|
someotherdata .
|
...
|
Since we now have a capability to specify the mapping of oid to short and long names, it would be useful to print the long name, like is done with other "known" extensions:
$ bundle exec puppet cert print <hostname> --trusted_oid_mapping_file oid.yaml
|
...
|
X509v3 extensions:
|
Netscape Comment:
|
.(Puppet Ruby/OpenSSL Internal Certificate
|
My Long Name:
|
..somedata
|
My Other Long Name:
|
someotherdata .
|
This is a one line change to the cert application, and perhaps certificate too?
$ git diff
|
diff --git a/lib/puppet/application/cert.rb b/lib/puppet/application/cert.rb
|
index 833840b..1453717 100644 |
--- a/lib/puppet/application/cert.rb
|
+++ b/lib/puppet/application/cert.rb
|
@@ -230,6 +230,7 @@ Copyright (c) 2011 Puppet Labs, LLC Licensed under the Apache 2.0 License |
exit(Puppet.settings.print_configs ? 0 : 1) if Puppet.settings.print_configs? |
|
|
Puppet::SSL::Oids.register_puppet_oids |
+ Puppet::SSL::Oids.load_custom_oid_file(Puppet[:trusted_oid_mapping_file]) |