Using latest nightly and encountered the following error: No smart proxy server found on [] and is not in trusted_puppetmaster_hosts

As you can see it wasn't listing the connecting smart proxy / host. Dug into the code and found the following section of code:


if certificate.subject_alternative_names
request_hosts += certificate.subject_alternative_names
elsif certificate.subject
request_hosts << certificate.subject
end


Testing of certificate.subject_alternative_names always evaluates to true even when no SAN. This results in request_hosts to be empty and authentication of the request fails.