Project

General

Profile

Actions
Copy link

Bug #14543

closed

PupeptCA Smart Proxy should "rm" certificate request files

Added by Robert Heinzmann over 8 years ago. Updated over 8 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
Smart Proxy
Target version:
-
Difficulty:
easy
Triaged:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
1.11.0
Red Hat JIRA:

Description

Currently, if a "unsigned" puppet certificate request should be "deleted", the smart proxy calls:

Apr 8 10:44:48 puppet sudo: foreman-proxy : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/puppet cert --ssldir #{ssldir} --clean webserver-test1.XX.XX.XX.XX
Apr 8 10:44:55 puppet sudo: foreman-proxy : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/puppet cert --ssldir #{ssldir} --list --all
Apr 8 10:44:55 puppet sudo: foreman-proxy : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/puppet cert --ssldir #{ssldir} --list --all
Apr 8 10:44:55 puppet sudo: foreman-proxy : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/puppet cert --ssldir #{ssldir} --list --all

However this does not clear the certifcate request.

The smart proxy should just "sudo rm -f SSLDIR/ca/requests/webserver-test1.XX.XX.XX.XX.pem"

Note: This also needs a new "SUDO" Command in the foreman installer to allow this removal: 

foreman-proxy ALL = (root) NOPASSWD : /bin/rm #{ssldir}/ca/requests/

Files

screenshot 01.png View screenshot 01.png 38.9 KB Robert Heinzmann, 04/08/2016 04:58 AM

Related issues 1 (0 open1 closed)

Is duplicate of Smart Proxy - Bug #3995: pending certificates don't get deleted with puppet 3.xRejectedActions
Actions
Copy link
 #1

Updated by Dominic Cleal over 8 years ago

  • Is duplicate of Bug #3995: pending certificates don't get deleted with puppet 3.x added
Actions
Copy link
 #2

Updated by Dominic Cleal over 8 years ago

  • Status changed from New to Duplicate

Thanks for the report, this is being tracked under ticket #3995 and PUP-1916.

Actions
Copy link

Also available in: Atom PDF