Issue #17295 has been updated by Alex Harvey. Keywords changed from solaris openssl to solaris openssl hpux
This affects HP-UX as well. ---------------------------------------- Bug #17295: Puppet not honouring --digest https://projects.puppetlabs.com/issues/17295#change-80597 Author: Greg Boug Status: Accepted Priority: Normal Assignee: Category: Target version: Affected Puppet version: 3.0.1 Keywords: solaris openssl hpux Branch: Am trying to get Puppet 3.0.1 running on Solaris (Previously had 2.7 running no problems and have encountered an issue with the SSL digest. I'm guessing it was relating to updating the certificates to use SHA256 to be a bit more secure, but it means that if the OpenSSL library isn't capable of SHA256 then it won't work - even if you tell it to use a different digest. For example: <pre> # puppet agent --digest MD5 --verbose --no-daemonize Info: Creating a new SSL certificate request for test1 Error: Could not request certificate: uninitialized constant OpenSSL::Digest::SHA256 </pre> (--debug doesn't give any extra information to help here unfortunately). Puppet is using the Solaris-provided OpenSSL as part of the Ruby install in this case, which runs version 0.9.7 with patches and doesn't support sha256. I don't mind the idea of compiling 1.0.x but the issue still seems to stand that you can't choose the digest method anymore - there is an apparent use of SHA256 regardless of what option you choose. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
