[PUP-9461] Use available X509 objects to make SSL connections - Puppet Jira Server

XML

Word

Printable

Details

Type: New Feature
Status: Closed
Priority: Normal
Resolution: Fixed
Affects Version/s: None
Fix Version/s: PUP 6.4.0
Component/s: None
Labels:
- resolved-issue-added

Epic Link:
Simplify agent SSL initialization
Team:
Coremunity
Sprint:
Platform Core KANBAN

Release Notes:
Bug Fix
Release Notes Summary:

Hide
Puppet applications (other than agent, device, and ssl) will now raise an error if they attempt to make an SSL connection, but the SSL bootstrap process is incomplete, such as if the node doesn't have a client cert.

The agent, device and ssl application behave the same as before.

Show
Puppet applications (other than agent, device, and ssl) will now raise an error if they attempt to make an SSL connection, but the SSL bootstrap process is incomplete, such as if the node doesn't have a client cert. The agent, device and ssl application behave the same as before.

QA Risk Assessment:
Needs Assessment

Description

During normal puppet execution, load whatever key/cert-related objects are available (if any), make them available in Puppet's context system, and use them to make SSL connections.

Continue to use Puppet::SSL::Host when bootstrapping SSL via puppet agent/device/ssl.

Attachments

Activity

People

Assignee:: Josh Cooper

Reporter:: Josh Cooper

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2019/01/23 3:44 PM

Updated:: 2019/03/26 5:24 PM

Resolved:: 2019/03/11 9:22 AM