Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-337

puppet-server CA service uses wrong $ssldir

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: SERVER 2.0.0
    • Fix Version/s: SERVER 2.0.0
    • Component/s: Certificate Authority
    • Labels:
      None
    • Environment:

      puppetserver-2.0.0.SNAPSHOT.2015.02.03T1453-1.el7.noarch

    • Template:
    • Sub-team:
    • Story Points:
      1
    • Sprint:
      Server Emerald 2015-03-04

      Description

      Starting puppet-server off the nightly build drops the ssldir into the puppet user's home directory, not /etc/puppetlabs/agent/ssl.

      Looks like it's getting the settings as a user run_mode, not root/server/ca?

       

      2015-02-04 11:54:23,556 DEBUG [main] [p.s.c.puppet-server-config-service] Initializing with the following settings from core Pu
      ppet:
      {:ca-name "Puppet CA: glitcher.local",
      :hostcrl "/opt/puppetlabs/agent/cache/.puppet/ssl/crl.pem",
      :hostprivkey
      "/opt/puppetlabs/agent/cache/.puppet/ssl/private_keys/glitcher.local.pem",
      :csrdir "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/requests",
      :capub "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/ca_pub.pem",
      :hostcert
      "/opt/puppetlabs/agent/cache/.puppet/ssl/certs/glitcher.local.pem",
      :requestdir
      "/opt/puppetlabs/agent/cache/.puppet/ssl/certificate_requests",
      :ssl-client-verify-header "HTTP_X_CLIENT_VERIFY",
      :dns-alt-names "",
      :puppet-version "3.7.4",
      :cacert "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/ca_crt.pem",
      :localcacert "/opt/puppetlabs/agent/cache/.puppet/ssl/certs/ca.pem",
      :autosign "/etc/puppetlabs/agent/autosign.conf",
      :csr-attributes "/etc/puppetlabs/agent/csr_attributes.yaml",
      :ca-ttl 157680000,
      :cakey "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/ca_key.pem",
      :cacrl "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/ca_crl.pem",
      :serial "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/serial",
      :certdir "/opt/puppetlabs/agent/cache/.puppet/ssl/certs",
      :cert-inventory
      "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/inventory.txt",
      :hostpubkey
      "/opt/puppetlabs/agent/cache/.puppet/ssl/public_keys/glitcher.local.pem",
      :ssl-client-header "HTTP_X_CLIENT_DN",
      :certname "glitcher.local",
      :signeddir "/opt/puppetlabs/agent/cache/.puppet/ssl/ca/signed",
      :allow-duplicate-certs false}

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            eric.sorenson Eric Sorenson
            QA Contact:
            Erik Dasher
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Zendesk Support