Project

General

Profile

Actions

Feature #12948

open

as an api user, i would like to query puppet ca certificate additional information

Added by Ohad Levy about 8 years ago. Updated over 6 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
PuppetCA
Target version:
-
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

the puppet ca inventory can contain additional information which is not exposed via the api, for example:

 cat /var/lib/puppet/ssl/ca/inventory.txt 
0x0001 2015-08-16T14:00:27UTC 2020-08-15T14:00:27UTC /CN=Puppet CA: ca-certname

(CA attribute is ignored)

additionally output from puppet cert list --all can contain certificate alt names, e.g.:

"ca-certname"        (SHA256) 2D:09:32:76:41:86:C7:A2:71:E0:5C:9E:98:7C:E8:76:B1:4A:86:E3:51:00:D0:02:AF:2F:7E:02:45:AB:3E:28 (alt names: "DNS:ca-certname", "DNS:puppet", "DNS:puppet.domain.com")

I would like to know which certificate is actually the CA (in puppet context its usually the first entry in the inventory, or the oldest certificate and has the above output), and to know its alt names.


Related issues 1 (0 open1 closed)

Related to Foreman - Feature #12720: As a User I would like to get puppet related data of the smart proxyClosedTomer Brisker12/07/2015Actions
Actions #1

Updated by Ohad Levy about 8 years ago

  • Description updated (diff)
Actions #2

Updated by Ohad Levy about 8 years ago

  • Related to Feature #12720: As a User I would like to get puppet related data of the smart proxy added
Actions #3

Updated by Dominic Cleal about 8 years ago

  • Category set to Puppet
Actions #4

Updated by Tomer Brisker over 6 years ago

  • Category changed from Puppet to PuppetCA
Actions

Also available in: Atom PDF