-
Type:
Improvement
-
Status: Resolved
-
Priority:
Normal
-
Resolution: Done
-
Affects Version/s: None
-
Fix Version/s: SERVER 6.0.5, SERVER 6.3.1, SERVER 6.5.0
-
Component/s: None
-
Labels:
-
Template:customfield_10700 296448
-
Epic Link:
-
Team:Froyo
-
Release Notes:Enhancement
-
Release Notes Summary:Cert and CRL bundles now no longer need to be in any specific order. By default, the leaf instances will still come first, descending to the root, which will be last.
-
QA Risk Assessment:Needs Assessment
We currently require cert and crl chains to be in a pem file with the signing cert/crl listed first. We should instead read in all certs/crls and determine signing cert/crl by another rubric (privatekey, issuer, or ca_name...) and then write the file back out in the same order we read them from disk.
- relates to
-
SERVER-2552 The puppetserver ca import command should initialize a CRL for the intermediate CA
-
- Resolved
-