Project

General

Profile

Actions
Copy link

Bug #13522

closed

Error 406 loading Puppet CA certificate list on Puppet 4 due to PATH difference

Added by Choon Ming Goh almost 9 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Puppet
Target version:
1.10.2
Difficulty:
Triaged:
Bugzilla link:
Pull request:
https://github.com/theforeman/smart-proxy/pull/375
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

I'm currently running smart proxy from source with foreman 1.10. It is unable to list all the puppet certificates on the foreman dashboard. It returns error 406 on the /GET request.

D, [2016-02-02T12:43:15.849720 #5933] DEBUG -- : accept: 10.20.1.10:35867
D, [2016-02-02T12:43:15.850991 #5933] DEBUG -- : Rack::Handler::WEBrick is invoked.
D, [2016-02-02T12:43:15.856388 #5933] DEBUG -- : verifying remote client 10.20.1.10 against trusted_hosts ["master.olindata.vm"]
D, [2016-02-02T12:43:15.858154 #5933] DEBUG -- : Found puppetca at /opt/smart-proxy/vendor/ruby/bin/puppet
D, [2016-02-02T12:43:15.858351 #5933] DEBUG -- : Found sudo at /usr/bin/sudo
D, [2016-02-02T12:43:15.858390 #5933] DEBUG -- : Executing /usr/bin/sudo -S /opt/smart-proxy/vendor/ruby/bin/puppet cert --ssldir /etc/puppetlabs/puppet/ssl --list --all
W, [2016-02-02T12:43:15.896385 #5933]  WARN -- : Failed to run puppetca:
E, [2016-02-02T12:43:15.896825 #5933] ERROR -- : Failed to list certificates: Execution of puppetca failed, check log files
I, [2016-02-02T12:43:15.897933 #5933]  INFO -- : 10.20.1.10 - - [02/Feb/2016 12:43:15] "GET /puppet/ca HTTP/1.1" 406 74 0.0418

The code below ought to fix it:

diff --git a/modules/puppetca/puppetca_main.rb b/modules/puppetca/puppetca_main.rb
index 228bb95..3e75456 100644
--- a/modules/puppetca/puppetca_main.rb
+++ b/modules/puppetca/puppetca_main.rb
@@ -103,7 +103,7 @@ module Proxy::PuppetCa
         raise "SSL/CA unavailable on this machine" 
       end

-      default_path = ["/opt/puppet/bin", "/opt/puppet/sbin"]
+      default_path = "/opt/puppetlabs/bin" 

       # puppetca is the old method of using puppet cert which is new in puppet 2.6
       if Puppet::PUPPETVERSION.to_i < 3
Actions
Copy link
 #1

Updated by Dominic Cleal almost 9 years ago

  • Subject changed from Puppet 4: smart proxy's puppetca returning error 406 to Error 406 loading Puppet CA certificate list on Puppet 4 due to PATH difference
  • Category set to Puppet

If you'd like to get your patch in, please follow the steps at http://theforeman.org/contribute.html to submit it (though the instructions for setting up Foreman are mostly irrelevant for the smart proxy). Feel free to stop by the foreman-dev mailing list or IRC channel if you'd like more help (http://theforeman.org/support.html).

http://theforeman.org/handbook.html is another useful resource for general coding styles etc.

I'd suggest having your patch append to the existing list of possible paths instead of replacing them entirely.

Actions
Copy link
 #2

Updated by The Foreman Bot almost 9 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/smart-proxy/pull/375 added
Actions
Copy link
 #3

Updated by Anonymous almost 9 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions
Copy link
 #4

Updated by Dominic Cleal almost 9 years ago

  • Translation missing: en.field_release set to 123
Actions
Copy link

Also available in: Atom PDF