Hi, Here is the second version of the certificate features for Rowlf. The first version of the #2839 feature was incomplete, it didn't allow you to fingerprint on the client which _is_ the whole point of the feature.
I'm not really satisfied about handling the --digest option in both puppetca and puppetd, I'm inclined in adding a main puppet settings for this. This would allow to fingerprint with a different digest algorithm than the default one (md5). Also, what is questionable is the use of puppetd to ask for a client-side fingerprint. But IMHO, puppetca is not always distributed on the clients (except in recent RPMs, thanks to Todd), and clients don't really have a CA, so it is questionable to have to use puppetca on them. Code is available in the tickets/master/2395 branch of my github repository. So, as usual comments and ideas are welcome, Thanks, Brice Brice Figureau (3): Feature #2395 - revoke when cleaning a certificate with puppetca Fix a few puppetd specs tests Feature #2839 - fingerprint certificate lib/puppet/application/puppetca.rb | 9 ++- lib/puppet/application/puppetd.rb | 33 +++++-- lib/puppet/ssl/base.rb | 17 +++ lib/puppet/ssl/certificate_authority.rb | 9 ++- lib/puppet/ssl/certificate_authority/interface.rb | 28 ++++-- lib/puppet/ssl/certificate_request.rb | 2 + sbin/puppetca | 11 ++- sbin/puppetd | 23 ++++- spec/unit/application/puppetca.rb | 25 +++++ spec/unit/application/puppetd.rb | 78 +++++++++++++- spec/unit/ssl/base.rb | 40 +++++++ spec/unit/ssl/certificate_authority.rb | 37 ++++++- spec/unit/ssl/certificate_authority/interface.rb | 114 +++++++++++++++------ spec/unit/ssl/certificate_request.rb | 14 +++- 14 files changed, 380 insertions(+), 60 deletions(-) create mode 100755 spec/unit/ssl/base.rb -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
