Issue #10046 has been updated by Jacob Helwig. Status changed from Unreviewed to Duplicate
This looks like a duplicate of Dan's earlier ticket: #9508 ---------------------------------------- Feature #10046: auth.conf defaults should be updated to allow authorized access to certificate interfaces: https://projects.puppetlabs.com/issues/10046 Author: Dan Bode Status: Duplicate Priority: Normal Assignee: Category: Target version: Affected Puppet version: Keywords: Branch: the below settings are currently specified as the defaults in conf/auth.conf <pre> path /certificate/ca auth no method find allow * path /certificate/ auth no method find allow * path /certificate_request auth no method find, save allow * </pre> I think that we should change 'auth no' to 'auth any' (allowing both authenticated and unauthenticated nodes access to these interfaces). I can't actually think of any reason that we would want to allow unauthenticated hosts and not authenticated hosts access to these endpoints. Setting any by default makes remote certificate management easier by default. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
