Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-2225

Move puppetserver's default CA dir out of Puppet's SSL dir

    XMLWordPrintable

Details

    • Task
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • None
    • SERVER 7.0.0
    • None
    • Hide
      • Puppetserver's CA directory defaults to /etc/puppetlabs/puppetserver/ca for new installs
      • Its location is configurable via a setting in puppetserver.conf
      • If the new setting is absent from the config file, we refer to the one from puppet.conf instead
      Show
      Puppetserver's CA directory defaults to /etc/puppetlabs/puppetserver/ca for new installs Its location is configurable via a setting in puppetserver.conf If the new setting is absent from the config file, we refer to the one from puppet.conf instead
    • Froyo
    • Major
    • 39630,40324,41099
    • 3
    • 1,000
    • Not Needed
    • See SERVER-2896 for release notes.
    • Needs Assessment

    Description

      The first major step to separating the CA and SSL dirs is to change the default location of the CA dir. The proposed new path is /etc/puppetlabs/puppetserver/ca. The new setting should be specified in puppetserver.conf, in a new section specifically for CA settings.

      For this ticket, we should only implement the most basic fallback logic, namely that we default to the CA dir from puppet.conf if the new setting is absent from the config file.

      Config files for new installations should point to the new location for the CA dir in puppetserver.conf. We need to investigate the upgrading behavior to make sure this works as expected (existing conf files are left alone).

      The migration and upgrade paths should be discussed later as part of https://tickets.puppetlabs.com/browse/PE-24530.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              maggie Maggie Dreyer
              Votes:
              0 Vote for this issue
              Watchers:
              14 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support