Details
-
Type:
New Feature
-
Status: Accepted
-
Priority:
Normal
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: None
-
Labels:None
-
Template:customfield_10700 268023
-
Acceptance Criteria:
- Certificates be revoked by serial number via the puppetserver API
-
Epic Link:
-
Team:Server
-
QA Risk Assessment:Needs Assessment
Description
When allow_duplicate_certs is true, it is possible for puppetserver to have more than one cert associated with a certname. This means that in order to effectively revoke a certificate when duplicate certs are allowed, the user needs to be able to specify the cert to revoke via its serial number, rather than its certname. The puppet cert revoke command had this capability, but the API does not. We need to add the ability to revoke certs by their serial numbers via the API.
Attachments
Issue Links
- relates to
-
SERVER-2271 Update the `puppetserver ca revoke` command to accept serial numbers
-
- Accepted
-
-
SERVER-2258 Create a `revoke` subcommand for the new CA CLI
-
- Closed
-
-
PUP-9022 Update the `puppet cert` command to error with information about the `puppetserver ca` command
-
- Closed
-