Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-85

Consider synchronizing hostcrl with cacrl during startup

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: Normal
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: SERVER 2.0.0
    • Component/s: Puppet Server
    • Labels:
      None
    • Template:
    • Team:
      Systems Engineering
    • Sub-team:
    • Story Points:
      1
    • Sprint:
      SERVER 2014-12-03, SERVER 2014-12-17, SERVER 2014/12/31, Server 2015-01-21, Server 2015-02-04

      Description

      ...the same way we synchronize the hostcacert with the cacert.

      This came about because some things – like the installer – are (correctly) using the hostcrl, but the Server never updates it after it creates it the first time. While our story for CRL support is already a bit of a manual one, this automated step seems harmless and could be worthwhile for users considering the development effort it would take.

      Some ways we could implement this synchronization are:

      • Another part of the existing CA/initialize-master-ssl! or CA/retrieve-ca-cert!
      • A new CA protocol method (e.g. retrieve-ca-crl! or something)
      • Another part of the master service initialization

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              nwolfe Nate Wolfe
              QA Contact:
              Erik Dasher
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support