-
Type:
Bug
-
Status: Closed
-
Priority:
Normal
-
Resolution: Fixed
-
Affects Version/s: SERVER 2.0.0
-
Fix Version/s: SERVER 2.0.0
-
Component/s: Certificate Authority
-
Labels:None
-
Environment:
puppetserver-2.0.0.SNAPSHOT.2015.02.03T1453-1.el7.noarch
-
Template:customfield_10700 66749
-
Epic Link:
-
Sub-team:
-
Story Points:1
-
Sprint:Server Emerald 2015-03-04
Starting puppet-server off the nightly build drops the ssldir into the puppet user's home directory, not /etc/puppetlabs/agent/ssl.
Looks like it's getting the settings as a user run_mode, not root/server/ca?
|
2015-02-04 11:54:23,556 DEBUG [main] [p.s.c.puppet-server-config-service] Initializing with the following settings from core Pu
ppet:
{:ca-name "Puppet CA: glitcher.local",
:hostcrl "/opt/puppetlabs/agent/cache/.puppet/ssl/crl.pem",
:hostprivkey
"/opt/puppetlabs/agent/cache/.puppet/ssl/private_keys/glitcher.local.pem",
:csrdir "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/requests",
:capub "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/ca_pub.pem",
:hostcert
"/opt/puppetlabs/agent/cache/.puppet/ssl/certs/glitcher.local.pem",
:requestdir
"/opt/puppetlabs/agent/cache/.puppet/ssl/certificate_requests",
:ssl-client-verify-header "HTTP_X_CLIENT_VERIFY",
:dns-alt-names "",
:puppet-version "3.7.4",
:cacert "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/ca_crt.pem",
:localcacert "/opt/puppetlabs/agent/cache/.puppet/ssl/certs/ca.pem",
:autosign "/etc/puppetlabs/agent/autosign.conf",
:csr-attributes "/etc/puppetlabs/agent/csr_attributes.yaml",
:ca-ttl 157680000,
:cakey "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/ca_key.pem",
:cacrl "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/ca_crl.pem",
:serial "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/serial",
:certdir "/opt/puppetlabs/agent/cache/.puppet/ssl/certs",
:cert-inventory
"/opt/puppetlabs/agent/cache/.puppet/ssl/ca/inventory.txt",
:hostpubkey
"/opt/puppetlabs/agent/cache/.puppet/ssl/public_keys/glitcher.local.pem",
:ssl-client-header "HTTP_X_CLIENT_DN",
:certname "glitcher.local",
:signeddir "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/signed",
:allow-duplicate-certs false}