[SERVER-2175] Remove CA bootstrapping code from puppetserver - Puppet Tickets

XML

Word

Printable

Details

Type: Sub-task
Status: Closed
Priority: Normal
Resolution: Won't Do
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Template:
customfield_10700 244649
Acceptance Criteria:
- puppetserver no longer generates a CA on startup
Team:
Froyo

QA Risk Assessment:
Needs Assessment

Description

As part of the improvements around intermediate CA support, we want to make CA initialization more explicit. Once we have subcommands for the new CA CLI tool for generating a CA (see ~~SERVER-2176~~), and a step in the PE installer to run that tool as part of installation (see PE-24739), we need to remove the CA bootstrapping code from puppetserver. Note that this refers only to the code that automatically generates CA files when starting the server for the first time, not the code to sign and set up the master host cert.

Attachments

Issue Links

is blocked by

SERVER-2264 Update puppetserver clojure integration tests to handle lack of CA bootstrapping

Closed

SERVER-2172 Simple CLI tool for setting up an intermediate CA

Closed

SERVER-2176 The CA that signs agent requests should be an intermediate CA by default

Closed

relates to

SERVER-2197 Puppetserver needs to serve the CA bundle from the CA cert endpoint

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Maggie Dreyer

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2018/04/06 11:53 AM

Updated:: 2018/09/10 9:53 AM

Resolved:: 2018/09/10 9:53 AM