Puppet: System Administration Automated

Support

Ticket #409 (closed enhancement: fixed)

Opened 2 years ago

Last modified 2 years ago

ca-bundle patch. Enable certificate authority chain verification in client and server.

Reported by: puppet Assigned to: luke
Priority: normal Milestone:
Component: library Version:
Severity: normal Keywords: certificate authority ca authentication ca-bundle
Cc: Triage Stage:
Attached Patches: Complexity:

Description

This patch allows the ca.pem file to contain a bundle of certificates rather than a single, self signed certificate. This bundle allows both the client and the server to verify more robust situations.

The primary application for me is multiple puppet master servers, each with their own unique CA. This patch allows mutual trust and authentication, so long as a valid issuer certificate is present in the bundle.

This does not change normal operation, as the ca.pem file typically contains only one self-signed certificate, which is also a valid bundle and certificate chain.

Attachments

puppet_ca-bundle.patch (1.2 kB) - added by puppet on 01/04/07 23:34:00.
CA Bundle Patch

Change History

01/04/07 23:34:00 changed by puppet

  • attachment puppet_ca-bundle.patch added.

CA Bundle Patch

01/04/07 23:40:49 changed by luke

  • status changed from new to closed.
  • resolution set to fixed.

Applied in [2045].