Issue #17295 has been updated by Andrew Parker. Status changed from Merged - Pending Release to Closed
Released in 3.1.0 ---------------------------------------- Bug #17295: Puppet not honouring --digest https://projects.puppetlabs.com/issues/17295#change-92619 * Author: Greg Boug * Status: Closed * Priority: Normal * Assignee: * Category: SSL * Target version: 3.1.0 * Affected Puppet version: 3.0.1 * Keywords: solaris openssl hpux * Branch: https://github.com/puppetlabs/puppet/pull/1413 ---------------------------------------- Am trying to get Puppet 3.0.1 running on Solaris (Previously had 2.7 running no problems and have encountered an issue with the SSL digest. I'm guessing it was relating to updating the certificates to use SHA256 to be a bit more secure, but it means that if the OpenSSL library isn't capable of SHA256 then it won't work - even if you tell it to use a different digest. For example: <pre> # puppet agent --digest MD5 --verbose --no-daemonize Info: Creating a new SSL certificate request for test1 Error: Could not request certificate: uninitialized constant OpenSSL::Digest::SHA256 </pre> (--debug doesn't give any extra information to help here unfortunately). Puppet is using the Solaris-provided OpenSSL as part of the Ruby install in this case, which runs version 0.9.7 with patches and doesn't support sha256. I don't mind the idea of compiling 1.0.x but the issue still seems to stand that you can't choose the digest method anymore - there is an apparent use of SHA256 regardless of what option you choose. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
