Issue #21817 has been updated by Josh Cooper. Status changed from Accepted to In Topic Branch Pending Review Target version set to 3.4.0 Affected Puppet version set to 3.2.1 Branch set to https://github.com/puppetlabs/puppet/pull/1916
---------------------------------------- Bug #21817: Guard against duplicate Windows root certs https://projects.puppetlabs.com/issues/21817#change-97714 * Author: Josh Cooper * Status: In Topic Branch Pending Review * Priority: Normal * Assignee: * Category: * Target version: 3.4.0 * Affected Puppet version: 3.2.1 * Keywords: windows * Branch: https://github.com/puppetlabs/puppet/pull/1916 ---------------------------------------- On Windows, openssl's set_default_paths does nothing, so we preload OpenSSL::X509::Store with X509 certs extracted from the Root trust store. It appears the store can contain duplicate certificates, causing our call to OpenSSL::X509::Store#add_cert to fail with "cert already in hash table" <https://groups.google.com/d/topic/puppet-users/t-KLARupllw/discussion> We should be more defensive when adding a cert, so that a single failure to add a cert doesn't prevent puppet from running. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.
