Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-9456

Create SSLContext and SSLProvider

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: PUP 6.4.0
    • Component/s: None
    • Release Notes:
      New Feature
    • Release Notes Summary:
      Hide
      This is a dark feature, not accessible to users until later, and shouldn't be documented until then.

      Adds an API for creating an SSLContext containing certs and keys needed to make an SSL connection
      Show
      This is a dark feature, not accessible to users until later, and shouldn't be documented until then. Adds an API for creating an SSLContext containing certs and keys needed to make an SSL connection
    • QA Risk Assessment:
      Needs Assessment

      Description

      Create an SSLProvider responsible for generating SSLContext objects containing all cert/key material needed to create an SSL connection. This includes the X509 store, CA certs, CRLs, revocation mode, client cert, private key, and peer verification mode.

      The provider should have methods for creating an SSLContext for 3 different use cases:
      1. No authentication: We don't have any certs, and need to download the CA bundle.
      2. Server verification: We have a CA certs (and optionally CRLs), but no client cert/private key
      3. Mutual authentication: We have CA certs (and optionally CRLs), private key, and client cert

        Attachments

          Activity

            People

            • Assignee:
              josh Josh Cooper
              Reporter:
              josh Josh Cooper
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Zendesk Support