Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-8652 Agents should be able to use CA and CRL bundles
  3. PUP-8653

Agents should save all certs downloaded from the server

    XMLWordPrintable

Details

    • Sub-task
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • None
    • PUP 6.0.0
    • None
    • None
    • Hide

      Puppet saves all downloaded certs from a cert bundle

      Show
      Puppet saves all downloaded certs from a cert bundle
    • Froyo
    • Not Needed
    • Needs Assessment

    Description

      Currently, puppet agents only save the first cert in any bundle downloaded from the CA. In order to correctly verify the master's credentials, we need to save all of the certs in the bundle for proper trust chain checking.

      This is currently complicated by the indirector, so we should consider pulling this subsystem out entirely.

      Attachments

        Issue Links

          Activity

            People

              maggie Maggie Dreyer
              maggie Maggie Dreyer
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support