Project

General

Profile

Feature #12948

as an api user, i would like to query puppet ca certificate additional information

Added by Ohad Levy about 4 years ago. Updated about 2 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
PuppetCA
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

the puppet ca inventory can contain additional information which is not exposed via the api, for example:

 cat /var/lib/puppet/ssl/ca/inventory.txt 
0x0001 2015-08-16T14:00:27UTC 2020-08-15T14:00:27UTC /CN=Puppet CA: ca-certname

(CA attribute is ignored)

additionally output from puppet cert list --all can contain certificate alt names, e.g.:

"ca-certname"        (SHA256) 2D:09:32:76:41:86:C7:A2:71:E0:5C:9E:98:7C:E8:76:B1:4A:86:E3:51:00:D0:02:AF:2F:7E:02:45:AB:3E:28 (alt names: "DNS:ca-certname", "DNS:puppet", "DNS:puppet.domain.com")

I would like to know which certificate is actually the CA (in puppet context its usually the first entry in the inventory, or the oldest certificate and has the above output), and to know its alt names.


Related issues

Related to Foreman - Feature #12720: As a User I would like to get puppet related data of the smart proxyClosed2015-12-07

History

#1 Updated by Ohad Levy about 4 years ago

  • Description updated (diff)

#2 Updated by Ohad Levy about 4 years ago

  • Related to Feature #12720: As a User I would like to get puppet related data of the smart proxy added

#3 Updated by Dominic Cleal about 4 years ago

  • Category set to Puppet

#4 Updated by Tomer Brisker about 2 years ago

  • Category changed from Puppet to PuppetCA

Also available in: Atom PDF