Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-2465

Detect correct signing cert/crl by other means than order in respective files

          Details

          • Release Notes:
            Enhancement
          • Release Notes Summary:
            Cert and CRL bundles now no longer need to be in any specific order. By default, the leaf instances will still come first, descending to the root, which will be last.
          • QA Risk Assessment:
            Needs Assessment

            Description

            We currently require cert and crl chains to be in a pem file with the signing cert/crl listed first. We should instead read in all certs/crls and determine signing cert/crl by another rubric (privatekey, issuer, or ca_name...) and then write the file back out in the same order we read them from disk.

              Attachments

                Issue Links

                relates to

                Improvement - An improvement or enhancement to an existing feature or task. SERVER-2552 The puppetserver ca import command should initialize a CRL for the intermediate CA

                • Normal - Regular issue, some loss of functionality under specific circumstances.
                • Resolved

                  Activity

                    jsd-sla-details-panel

                      People

                      • Assignee:
                        patrick Patrick Carlisle
                        Reporter:
                        justin Justin Stoller
                      • Votes:
                        0 Vote for this issue
                        Watchers:
                        5 Start watching this issue

                        Dates

                        • Created:
                          Updated:
                          Resolved: