Details
-
Bug
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
SERVER 0.4.0
-
None
-
None
-
1
-
Server Emerald 2015-04-15, Server Emerald 2015-05-13
Description
The puppet.conf file supports a setting called keylength which controls the bit length for keys generated for use with SSL certificates:
https://docs.puppetlabs.com/references/latest/configuration.html#keylength
When generating keys for SSL certificates, the Puppet Server CA always uses 4096 bits, which is the default for the keylength setting. For backward compatibility, the Puppet Server CA should make use of the keylength setting to control the bit length of the keys it generates.