[PUP-8653] Agents should save all certs downloaded from the server - Puppet Tickets

Details

Type: Sub-task
Status: Closed
Priority: Normal
Resolution: Fixed
Affects Version/s: None
Fix Version/s: PUP 6.0.0
Component/s: None
Labels:
None

Template:
customfield_10700 244653
Acceptance Criteria:

Hide

Puppet saves all downloaded certs from a cert bundle

Show
Puppet saves all downloaded certs from a cert bundle
Team:
Server

Release Notes:
Not Needed

QA Risk Assessment:
Needs Assessment

Description

Currently, puppet agents only save the first cert in any bundle downloaded from the CA. In order to correctly verify the master's credentials, we need to save all of the certs in the bundle for proper trust chain checking.

This is currently complicated by the indirector, so we should consider pulling this subsystem out entirely.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

network_formats_diagram.jpg
964 kB
2018/04/13 12:04 PM
rest_terminus.jpg
832 kB
2018/04/10 8:56 AM

Issue Links

blocks

PUP-8654 Agents should save all CRLs downloaded from the server

Closed

is blocked by

PUP-8688 Use HTTPClient library for updates to Puppet's REST behavior

Closed

relates to

PUP-6697 Allow full downloaded CA bundle to be stored to agent's localcacert file

Closed

Activity

jsd-sla-details-panel

People

Assignee:

Maggie Dreyer

Reporter:

Maggie Dreyer

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

2018/04/06 12:08 PM

Updated:

2018/09/19 12:33 PM

Resolved:

2018/09/19 12:33 PM