Project

General

Profile

Actions

Bug #3222

closed

Disabling UUID certificates leaves UUID certname in place on newly created hosts

Added by Dominic Cleal over 10 years ago. Updated over 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
PuppetCA
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Expected:

Enable use_uuid_for_certificates
Create a host
Host has a UUID now
Set host to Build, pull the host's template, watch the certname UUID value be added to the Puppet Autosign file.
... realize that uuid certificates aren't right for your organization ...
Disable use_uuid_for_certificates
Set host to Build, pull the host's template, watch the certname hostname value be added to the autosign file.

Actual:

Set host to Build, pull the host's template, watch the certname UUID value be added to the Puppet Autosign file.
Watch as your Puppet run fails to get a certificate because the client has submitted a certificate request using its hostname now.

https://github.com/theforeman/foreman/pull/925


Related issues 3 (1 open2 closed)

Related to Foreman - Feature #3223: Warn the user of impact of disabling UUID certificatesNew10/09/2013Actions
Related to Foreman - Bug #3541: ec2 provisioning failure in setSSHProvision (when no CA available?)ClosedIvan Necas10/29/2013Actions
Related to Foreman - Bug #6566: renaming a node does not change the certnameClosedAaron Stone07/10/2014Actions
Actions #1

Updated by Dominic Cleal over 10 years ago

  • Related to Tracker #3112: [TRACKER] Issues to be released in 1.3 RC or final added
Actions #2

Updated by Dominic Cleal over 10 years ago

  • Related to Feature #3223: Warn the user of impact of disabling UUID certificates added
Actions #3

Updated by Anonymous over 10 years ago

  • % Done changed from 0 to 100
  • Status changed from Ready For Testing to Closed
Actions #4

Updated by Lukas Zapletal over 10 years ago

  • Related to deleted (Tracker #3112: [TRACKER] Issues to be released in 1.3 RC or final)
Actions #5

Updated by Dominic Cleal over 10 years ago

  • Related to Bug #3541: ec2 provisioning failure in setSSHProvision (when no CA available?) added
Actions #6

Updated by Dominic Cleal over 9 years ago

  • Related to Bug #6566: renaming a node does not change the certname added
Actions

Also available in: Atom PDF