Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-8905

New certificate download code breaks autosigning workflow

    XMLWordPrintable

Details

    • CI Blocker
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • None
    • PUP 6.0.0
    • None
    • None
    • Not Needed
    • Needs Assessment

    Description

      Autosigning appears to be broken with the new certificate download code (PUP-8652). When using an autosigning workflow, the first agent run fails with

      Error: Could not request certificate: Error 400 on SERVER: pto1to2xvyajwdw.delivery.puppetlabs.net already has a signed certificate; ignoring certificate request
      

      It seems that the agent is re-submitting a CSR even though it has successfully downloaded the signed host certificate. This could be related to some weird interaction between remaining indirector code and the code.

      This issue appears to be affecting both Puppetserver's beaker acceptance tests (whose pre-suites use autosigning to set up their environment) and PuppetDB's clojure integration tests.

      Attachments

        Issue Links

          Activity

            People

              maggie Maggie Dreyer
              maggie Maggie Dreyer
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support