Issue #7618 has been updated by Nigel Kersten. Category set to SSL Status changed from Needs Decision to Accepted Assignee deleted (Nigel Kersten)
This is a great idea. ---------------------------------------- Feature #7618: ‘puppet cert’ should be able to return the fingerprint of the CA https://projects.puppetlabs.com/issues/7618 Author: John Morton Status: Accepted Priority: Normal Assignee: Category: SSL Target version: Affected Puppet version: Keywords: Branch: When setting up a new client, I like to be able to both confirm that fingerprint of the client certificate matches what the server sees, and that the fingerprint of the certificate authority public cert sent to the client matches the cert on the server. To do the latter, I have to reach for the openssl man page and do something like this: openssl x509 -noout -fingerprint -in /var/lib/puppet/ssl/ca/ca_crt.pem Obviously, the paths are different on the client and server sides, too. puppet's PKI handling is the best I've seen outside of SSH; I think this feature would smooth off one of the last rough edges. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
