Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-6828

Simplify agent SSL initialization

    XMLWordPrintable

Details

    • Epic
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • None
    • None
    • None
    • None
    • Simplify agent SSL initialization
    • Coremunity
    • SE 2017-01-11, SE 2017-02-08, SE 2017-02-22

    Description

      The Puppet X.509 PKI initialization logic is currently confusing, inconsistent, and buggy, due to the ad hoc nature of its implementation. The Puppet::SSL::Host class is responsible, either directly or indirectly, for fetching the CA certificate, CRL, RSA key pair, CSR, and certificate. This initialization is scattered across a number of functions and files, and is largely triggered by lazy methods. This structure makes it very hard to reason about or improve the PKI initialization process.

      Attachments

        Issue Links

          relates to

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. PUP-8503 Agent SSL CLI

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              Unassigned Unassigned
              adrien Adrien Thebo
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support