Issue #11854 has been reported by Gonzalo Servat.
----------------------------------------
Refactor #11854: "Puppet cert list --all" output is confusing when a
certificate has been cleaned and a new certificate has been signed
https://projects.puppetlabs.com/issues/11854
Author: Gonzalo Servat
Status: Unreviewed
Priority: Normal
Assignee:
Category: SSL
Target version:
Affected Puppet version:
Keywords:
Branch:
When signing a certificate for a host, and subsequently cleaning it, if you
then sign a new certificate for the same host, the output of "puppet cert list
--all" will be:
- [host] ([fingerprint]) (certificate revoked)
So, according to this listing, the host appears to have its certificate revoked
when, in fact, it's the OLD certificate that was revoked.
It would be good to rework the output so that it shows something similar to:
- [host] ([fingerprint]) (certificate revoked)
- [host] ([fingerprint]) (certificate revoked)
...
- [host] ([fingerprint]) (certificate revoked)
+ [host] ([fingerprint])
That way you can see all revoked certificates and the current signed
certificate for the host. I can see that the listing could potentially get very
long, so perhaps maybe just show the last revoked certificate? Your thoughts?
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
