Jira (PUP-11849) CRL authorityKeyIdentifier is not printed in puppet8
Title: Message Title Josh Cooper updated an issue Puppet / PUP-11849 CRL authorityKeyIdentifier is not printed in puppet8 Change By: Josh Cooper Sprint: Phoenix 2023-07-05 Add Comment This message was sent by Atlassian Jira (v8.20.21#820021-sha1:38274c8) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.485441.1683744464000.473.1686847320153%40Atlassian.JIRA.
Jira (PUP-11849) CRL authorityKeyIdentifier is not printed in puppet8
Title: Message Title Josh Cooper assigned an issue to Josh Cooper Puppet / PUP-11849 CRL authorityKeyIdentifier is not printed in puppet8 Change By: Josh Cooper Assignee: Josh Cooper Add Comment This message was sent by Atlassian Jira (v8.20.21#820021-sha1:38274c8) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.485441.1683744464000.232.1686806160049%40Atlassian.JIRA.
Jira (PUP-11849) CRL authorityKeyIdentifier is not printed in puppet8
Title: Message Title Josh Cooper updated an issue Puppet / PUP-11849 CRL authorityKeyIdentifier is not printed in puppet8 Change By: Josh Cooper Fix Version/s: PUP 8.2.0 Add Comment This message was sent by Atlassian Jira (v8.20.21#820021-sha1:38274c8) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.485441.1683744464000.213.1686801180090%40Atlassian.JIRA.
Jira (PUP-11849) CRL authorityKeyIdentifier is not printed in puppet8
Title: Message Title Josh Cooper updated an issue Puppet / PUP-11849 CRL authorityKeyIdentifier is not printed in puppet8 Change By: Josh Cooper Sprint: Phoenix 2023-06-21 Add Comment This message was sent by Atlassian Jira (v8.20.21#820021-sha1:38274c8) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.485441.1683744464000.5927.1686159660097%40Atlassian.JIRA.
Jira (PUP-11849) CRL authorityKeyIdentifier is not printed in puppet8
Title: Message Title Josh Cooper updated an issue Puppet / PUP-11849 CRL authorityKeyIdentifier is not printed in puppet8 Change By: Josh Cooper Sprint: Phoenix 2023-06-21 Add Comment This message was sent by Atlassian Jira (v8.20.21#820021-sha1:38274c8) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.485441.1683744464000.5755.1686154440094%40Atlassian.JIRA.
Jira (PUP-11849) CRL authorityKeyIdentifier is not printed in puppet8
Title: Message Title Josh Cooper updated an issue Puppet / PUP-11849 CRL authorityKeyIdentifier is not printed in puppet8 Change By: Josh Cooper Story Points: 1 Add Comment This message was sent by Atlassian Jira (v8.20.21#820021-sha1:38274c8) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.485441.1683744464000.5281.1686088320028%40Atlassian.JIRA.
Jira (PUP-11849) CRL authorityKeyIdentifier is not printed in puppet8
Title: Message Title Michael Hashizume updated an issue Puppet / PUP-11849 CRL authorityKeyIdentifier is not printed in puppet8 Change By: Michael Hashizume Epic Link: PA- 5119 5411 Add Comment This message was sent by Atlassian Jira (v8.20.11#820011-sha1:0629dd8) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.485441.1683744464000.13637.1684267800026%40Atlassian.JIRA.
Jira (PUP-11849) CRL authorityKeyIdentifier is not printed in puppet8
Title: Message Title Justin Stoller commented on PUP-11849 Re: CRL authorityKeyIdentifier is not printed in puppet8 FWIW, we don't hit this issue when printing info with the puppetserver-ca-cli. Add Comment This message was sent by Atlassian Jira (v8.20.11#820011-sha1:0629dd8) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.485441.1683744464000.13584.1684255440019%40Atlassian.JIRA.
Jira (PUP-11849) CRL authorityKeyIdentifier is not printed in puppet8
Title: Message Title Josh Cooper commented on PUP-11849 Re: CRL authorityKeyIdentifier is not printed in puppet8 The bug is because ruby 3.2.2 & OpenSSL 1.1.1 returns an extension with a trailing newline: (byebug) RUBY_VERSION "3.2.2" (byebug) OpenSSL::OPENSSL_VERSION "OpenSSL 1.1.1f 31 Mar 2020" (byebug) crl.extensions[1].oid "authorityKeyIdentifier" (byebug) crl.extensions[1].value "keyid:2E:53:A9:06:E8:90:B1:DA:46:CD:25:47:3A:0B:F5:92:00:BE:D3:A5\n" We then call String#chomp!. However String#chomp! has an annoying behavior that it returns nil if nothing was modified. And Ruby 3.2.2 & OpenSSL 3 doesn't include the newline, thereby triggering the bug: (byebug) RUBY_VERSION "3.2.2" (byebug) OpenSSL::OPENSSL_VERSION
Jira (PUP-11849) CRL authorityKeyIdentifier is not printed in puppet8
Title: Message Title Josh Cooper created an issue Puppet / PUP-11849 CRL authorityKeyIdentifier is not printed in puppet8 Issue Type: Bug Affects Versions: PUP 8.0.0 Assignee: Unassigned Created: 2023/05/10 11:47 AM Priority: Normal Reporter: Josh Cooper In puppet 7, the agent prints the authorityKeyIdentifier for each CRL like: Debug: Using CRL 'CN=Puppet CA: ' authorityKeyIdentifier 'keyid:2E:53:A9:06:E8:90:B1:DA:46:CD:25:47:3A:0B:F5:92:00:BE:D3:A5' crlNumber '0' In puppet 8 with openssl 3, it's missing: Debug: Using CRL 'CN=Puppet CA: ' authorityKeyIdentifier '' crlNumber '0' Something is not right with the way the ruby bindings retrieve the CRL extensions in https://github.com/puppetlabs/puppet/blob/ad7d75b08dfff5e308fde199407d84308d74e538/lib/puppet/ssl/ssl_provider.rb#L225-L230
