Jira (PUP-1146) Allow control over the digest used to create CA certificates
Title: Message Title Jayant Sane updated an issue Puppet / PUP-1146 Allow control over the digest used to create CA certificates Change By: Jayant Sane Fix Version/s: PUP 5.4.0 Fix Version/s: PUP 5.y Add Comment This message was sent by Atlassian JIRA (v7.0.2#70111-sha1:88534db) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-1146) Allow control over the digest used to create CA certificates
Title: Message Title Moses Mendoza updated an issue Puppet / PUP-1146 Allow control over the digest used to create CA certificates Change By: Moses Mendoza Labels: redmine triaged Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-1146) Allow control over the digest used to create CA certificates
Title: Message Title Josh Cooper updated an issue Puppet / PUP-1146 Allow control over the digest used to create CA certificates Change By: Josh Cooper Team: Agent Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-1146) Allow control over the digest used to create CA certificates
Title: Message Title Maggie Dreyer updated an issue Puppet / PUP-1146 Allow control over the digest used to create CA certificates Change By: Maggie Dreyer Labels: redmine triaged Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-1146) Allow control over the digest used to create CA certificates
Title: Message Title redmine.exporter created an issue Puppet / PUP-1146 Allow control over the digest used to create CA certificates Issue Type: New Feature Assignee: Unassigned Created: 17/Dec/13 10:32 AM Labels: redmine Priority: Normal Reporter: redmine.exporter If the puppet master uses SHA256 as digest on the CA cert then agents with older versions of openssl will not be able to verify the CA Cert. Making it impossible for OS such as Solaris 10 to connect to a master running on Solaris 11. So far have I not found any method of downreving digest algorithm to SHA1 except for reissue the certs with openssl directly. pre Master: digest -a md5 ca.pem agent.pem (ca.pem) = 4a5e69cec9a9f8c39fd6b160b5cbea8c (agent.pem) = 559cb7ddf565340ddf802670cc68cf53 openssl verify -CAfile ca.pem agent.pem agent.pem: OK openssl x509 -text -noout -in ca.pem | grep Signature Signature Algorithm: sha256WithRSAEncryption Signature Algorithm: sha256WithRSAEncryption
