Details
-
Sub-task
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
None
-
None
-
None
-
-
Froyo
-
Not Needed
-
Needs Assessment
Description
Currently, puppet agents only save the first cert in any bundle downloaded from the CA. In order to correctly verify the master's credentials, we need to save all of the certs in the bundle for proper trust chain checking.
This is currently complicated by the indirector, so we should consider pulling this subsystem out entirely.