Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-2465

Detect correct signing cert/crl by other means than order in respective files

    Details

    • Release Notes:
      Enhancement
    • Release Notes Summary:
      Cert and CRL bundles now no longer need to be in any specific order. By default, the leaf instances will still come first, descending to the root, which will be last.
    • QA Risk Assessment:
      Needs Assessment

      Description

      We currently require cert and crl chains to be in a pem file with the signing cert/crl listed first. We should instead read in all certs/crls and determine signing cert/crl by another rubric (privatekey, issuer, or ca_name...) and then write the file back out in the same order we read them from disk.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                patrick Patrick Carlisle
                Reporter:
                justin Justin Stoller
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Zendesk Support