Bug #33431
Use OpenSSL Ruby to ensure Apache certificate bundle is in the proper format on FIPS machines
Status:
Closed
Priority:
Normal
Assignee:
Category:
Foreman modules
Target version:
Pull request:
Fixed in Releases:
Found in Releases:
Associated revisions
History
#1
Updated by The Foreman Bot 5 months ago
Updated by - Assignee set to Eric Helms
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/puppet-certs/pull/380 added
#2
Updated by The Foreman Bot 5 months ago
- Fixed in Releases 3.2.0 added
#3
Updated by Eric Helms 5 months ago
Updated by - Status changed from Ready For Testing to Closed
Applied in changeset puppet-certs|ffeb6f467860b9a86d9208f1bf1a310f2ad1d93b.
#4
Updated by Ewoud Kohl van Wijngaarden 4 months ago
Updated by - Fixed in Releases 3.1.0 added
- Fixed in Releases deleted (
3.2.0) - Pull request deleted (
https://github.com/theforeman/puppet-certs/pull/380)
#5
Updated by Ewoud Kohl van Wijngaarden 4 months ago
- Triaged changed from No to Yes
- Target version set to 3.1.0
- Category set to Foreman modules
- Pull request https://github.com/theforeman/puppet-certs/pull/380 added
Fixes #33431: Use Ruby OpenSSL to ensure PKCS1 format
On FIPS enabled machines, private keys generated are not in PKCS #1
format which is required by Apache for bundled SSL proxy machine
certiicates. This switches to using Ruby's OpenSSL library to generate
the proper format when needing to force PKCS #1 format rather than
string manipulation.