Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-77

Allow users to disable cert requirement for cert_status endpoint

    XMLWordPrintable

    Details

    • Type: New Feature
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: SERVER 0.3.0
    • Component/s: None
    • Labels:
      None
    • Template:
    • Epic Link:
    • Story Points:
      2
    • Sprint:
      PE 2014-10-22

      Description

      This is a follow-up to SERVER-39; it sounds like there are some use cases where users still need to be able to access the cert_status endpoint via plaintext HTTP. We currently don't support this since we require a client certificate. Eventually we might decide to support the X-header approach as a solution to this, but for now, we should just add a mechanism for turning off the client cert check.

      Need to decide what the setting for this looks like; it could either be a new toggle setting (auth enabled/disabled), or it could be an overload of the whitelist setting (e.g. empty list means no auth required?). I'd probably lean slightly towards the explicit approach (new toggle setting) but we should discuss.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              preben Preben Ingvaldsen
              Reporter:
              chris Chris Price
              QA Contact:
              Erik Dasher
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support