Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-2268

Enable `puppetserver ca sign` to sign certs with SANs

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Normal
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Template:
    • Acceptance Criteria:
      • puppetserver ca sign can sign certs with subject alternative names
    • Epic Link:
    • Team:
      Froyo
    • QA Risk Assessment:
      Needs Assessment

      Description

      Currently, the puppetserver ca sign command uses Puppetserver's API to sign certificates. The API is currently not allowed to sign certificates with subject alternative names, due to an old bug. However, we need this functionality in the new CLI. So we should revisit the security concerns around allowing this functionality via the API, and then either enable, or add Ruby code to sign certificates with SANs.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              amy.sahli Amy Sahli
              Reporter:
              maggie Maggie Dreyer
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support