[PUP-8653] Agents should save all certs downloaded from the server - Puppet Tickets

XML

Word

Printable

Details

Type: Sub-task
Status: Closed
Priority: Normal
Resolution: Fixed
Affects Version/s: None
Fix Version/s: PUP 6.0.0
Component/s: None
Labels:
None

Acceptance Criteria:

Hide

Puppet saves all downloaded certs from a cert bundle

Show
Puppet saves all downloaded certs from a cert bundle
Team:
Froyo

Release Notes:
Not Needed

QA Risk Assessment:
Needs Assessment

Description

Currently, puppet agents only save the first cert in any bundle downloaded from the CA. In order to correctly verify the master's credentials, we need to save all of the certs in the bundle for proper trust chain checking.

This is currently complicated by the indirector, so we should consider pulling this subsystem out entirely.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

network_formats_diagram.jpg
964 kB
2018/04/13 12:04 PM
rest_terminus.jpg
832 kB
2018/04/10 8:56 AM

Issue Links

blocks

PUP-8654 Agents should save all CRLs downloaded from the server

Closed

is blocked by

PUP-8688 Use HTTPClient library for updates to Puppet's REST behavior

Closed

relates to

PUP-6697 Allow full downloaded CA bundle to be stored to agent's localcacert file

Closed

Activity

People

Assignee:: Maggie Dreyer

Reporter:: Maggie Dreyer

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2018/04/06 12:08 PM

Updated:: 2018/09/19 12:33 PM

Resolved:: 2018/09/19 12:33 PM

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Zendesk Support