[SERVER-2270] Allow revoking certificates by their serial numbers via the puppetserver API - Puppet Tickets

XML

Word

Printable

Details

Type: New Feature
Status: Accepted
Priority: Normal
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Template:
customfield_10700 268023
Acceptance Criteria:
- Certificates be revoked by serial number via the puppetserver API
Epic Link:
CA API Improvements
Team:
Froyo

QA Risk Assessment:
Needs Assessment

Description

When allow_duplicate_certs is true, it is possible for puppetserver to have more than one cert associated with a certname. This means that in order to effectively revoke a certificate when duplicate certs are allowed, the user needs to be able to specify the cert to revoke via its serial number, rather than its certname. The puppet cert revoke command had this capability, but the API does not. We need to add the ability to revoke certs by their serial numbers via the API.

Attachments

Issue Links

relates to

SERVER-2271 Update the `puppetserver ca revoke` command to accept serial numbers

Accepted

SERVER-2258 Create a `revoke` subcommand for the new CA CLI

Closed

PUP-9022 Update the `puppet cert` command to error with information about the `puppetserver ca` command

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Maggie Dreyer

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2018/08/03 3:37 PM

Updated:: 2018/10/02 9:28 AM