Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-2553

PUT/DELETE API ERROR

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Cannot Reproduce
    • None
    • None
    • API
    • None
    • Froyo
    • Needs Assessment
    • Needs Assessment

    Description

      Puppet Version: 5.5.0
      Puppet Server Version:5.5.0**
      OS Name/Version:

      Red Hat Enterprise Linux Server release 6.10
      We upgraded to puppet 5.5.0 recently, so far it's working fine but we see lots of issue with SSL certs. Currently, we are using self-signed certs ( I know that's not the best way to handle certs and we do have plans to move away from self-signed certs) 
       
      We using below API's to delete/revoke certs. 
      https://puppet.com/docs/puppet/5.5/http_api/http_certificate_status.html
       
       
      I see that sometimes it fails with the following error. Please note I am using below DELETE  API.  
       
      DELETE /puppet-ca/v1/certificate_status/:hostname?environment=:environment
       
       
      Error:
      delete_host: libcurl error 35 (SSL connect error): SSL peer had some unspecified issue with the certificate it received."
       
       
      Does anyone encounter this error?  It looks like a bug to me. I hit it a few times and It's intermittent.  Next time if I do , it works
       
      This is what defined in our
       

      cat /etc/puppetlabs/puppetserver/conf.d/auth.conf

                  # Allow all nodes to access the certificate revocation list

                  match-request:

      {                 path: "/puppet-ca/v1/certificate_status"                 type: path                 method: [get, put, delete]             }

                  allow: "Puppetmastercert"

                  sort-order: 500

                  name: "puppetlabs certification status"

              },

      Desired Behavior:

      It should clear the client certs but sometimes it doesn't

      Actual Behavior:

      It should clear the client certs but sometimes it doesn't. If I run the same curl Next time, it does.**

       

       

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              rgarb16 Gaurav
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support