Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-3019

Use System cert store

    XMLWordPrintable

Details

    • Epic
    • Status: Closed
    • Normal
    • Resolution: Fixed
    • None
    • SERVER 7.8.0
    • None
    • None
    • Use System cert store
    • Froyo
    • Done
    • Needs Assessment

    Description

      Server extensions like termini and report processors cannot connect to third-party HTTPS servers when using puppetserver's http client. It is possible to use raw Net::HTTP, but that does not work when puppetserver is running on a FIPS-enabled host nor does it work for HTTPS servers chained to the Let's Encrypt expired CA (or any other cert verification behavior present in openssl 1.1.x)

      Attachments

        Issue Links

          relates to

          Task - A task that needs to be done. SERVER-3123 Specify a custom cert bundle for Puppet Server's HTTP client

          • Normal - Regular issue, some loss of functionality under specific circumstances.
          • Accepted
          links to

          Web Link jruby-openssl PR to emulate openssl 1.1.x cert verification

          Activity

            People

              justin Justin Stoller
              maggie Maggie Dreyer
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Zendesk Support