Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-8652 Agents should be able to use CA and CRL bundles
  3. PUP-8653

Agents should save all certs downloaded from the server

    XMLWordPrintable

    Details

    • Type: Sub-task
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PUP 6.0.0
    • Component/s: None
    • Labels:
      None
    • Template:
    • Acceptance Criteria:
      Hide

      Puppet saves all downloaded certs from a cert bundle

      Show
      Puppet saves all downloaded certs from a cert bundle
    • Team:
      Froyo
    • Release Notes:
      Not Needed
    • QA Risk Assessment:
      Needs Assessment

      Description

      Currently, puppet agents only save the first cert in any bundle downloaded from the CA. In order to correctly verify the master's credentials, we need to save all of the certs in the bundle for proper trust chain checking.

      This is currently complicated by the indirector, so we should consider pulling this subsystem out entirely.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              maggie Maggie Dreyer
              Reporter:
              maggie Maggie Dreyer
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support