Issue #7224 has been updated by Jeff McCune.
Status changed from Closed to Re-opened
Assignee deleted (Nick Lewis)
Target version deleted (2.7.0)
# Re-opening #
I'm re-opening this because I discovered we got the implementation slightly
wrong.
While investigating #3120 I discovered we're picking the wrong certificate when
displaying the more helpful error message. This results in this message being
displayed:
err: Could not retrieve catalog from remote server: Server hostname
'maynard' did not match server certificate; expected jeff mccune root
authority/c=us/st=oregon/l=portland/o=puppet labs/ou=jeff
mccune/[email protected]
As you can see the list of "expected names" appears to be the full subject of a
CA certificate, not a list of valid DNS names from a SSL Server certificate.
This error is caused by this logic:
<https://github.com/puppetlabs/puppet/commit/99330fa5#L2R97>
I'm re-opening this as a Yak to shave once I finish my investigation of #3120
as part of the support goalie work this week.
----------------------------------------
Bug #7224: Bad english: hostname was not match with the server certificate
https://projects.puppetlabs.com/issues/7224#change-66380
Author: Mike Judge
Status: Re-opened
Priority: Normal
Assignee:
Category:
Target version:
Affected Puppet version:
Keywords: openssl certificates
Branch:
root@gobo:/etc/puppet# puppetd --test
err: Could not retrieve catalog from remote server: hostname was not match with
the server certificate
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
Should be something like:
1) "hostname was not a match with the server certificate"
2) "hostname did not match the server certificate"
3) "all your base are belong to us" :)
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
