Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-2268

Enable `puppetserver ca sign` to sign certs with SANs

    XMLWordPrintable

Details

    • Improvement
    • Status: Resolved
    • Normal
    • Resolution: Done
    • None
    • None
    • None
    • None
      • puppetserver ca sign can sign certs with subject alternative names
    • Froyo
    • Needs Assessment

    Description

      Currently, the puppetserver ca sign command uses Puppetserver's API to sign certificates. The API is currently not allowed to sign certificates with subject alternative names, due to an old bug. However, we need this functionality in the new CLI. So we should revisit the security concerns around allowing this functionality via the API, and then either enable, or add Ruby code to sign certificates with SANs.

      Attachments

        Issue Links

          relates to

          New Feature - A new feature of the product, which has yet to be developed. SERVER-2278 Add a setting to enable signing CSRs with subject alternative names

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          New Feature - A new feature of the product, which has yet to be developed. SERVER-2318 Add CLI flag to sign CSRs with SANs

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Sub-task - The sub-task of the issue SERVER-2257 Create a `sign` subcommand for the new CA CLI

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Closed

          Activity

            People

              amy.sahli Amy Sahli
              maggie Maggie Dreyer
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support