Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Josh Cooper commented on PUP-7522 Re: Add the ability to view trusted fact values from an agent This was fixed in PUP-10888. The "puppet ssl show" command will not print the textual version of the agent's client cert, just like puppet cert print used to. Closing this as a dup. Add Comment This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.190624.1494544362000.153594.1614390420201%40Atlassian.JIRA.
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Josh Cooper assigned an issue to Unassigned Puppet / PUP-7522 Add the ability to view trusted fact values from an agent Change By: Josh Cooper Assignee: Josh Cooper Add Comment This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.190624.1494544362000.153591.1614390300283%40Atlassian.JIRA.
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Josh Cooper assigned an issue to Josh Cooper Puppet / PUP-7522 Add the ability to view trusted fact values from an agent Change By: Josh Cooper Assignee: Josh Cooper Add Comment This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.190624.1494544362000.153590.1614390300239%40Atlassian.JIRA.
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Josh Cooper commented on PUP-7522 Re: Add the ability to view trusted fact values from an agent So one issue with using the ruby bindings for openssl is that OpenSSL::X509::Certificate#to_text will print the long friendly name for the extension (assuming the puppet ssl application registers the puppet extensions). So you'll see something like: Puppet Node Role Name: ..ci But when writing a manifest, the trusted hash is keyed by the short friendly name: $trusted['pp_role'] So I'm thinking it would be most helpful if the command printed the short friendly name, with perhaps an option to show the full OID (in this example "1.3.6.1.4.1.34380.1.1.13"). What about something like? $ bundle exec puppet ssl show Subject: CN=localhost Issuer: CN=Puppet CA: localhost Serial: 3 Validity: '2020-12-02 19:23:06 UTC' to '2025-12-02 19:23:06 UTC'
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Josh Cooper updated an issue Puppet / PUP-7522 Add the ability to view trusted fact values from an agent Change By: Josh Cooper Labels: beginner help_wanted Add Comment This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.190624.1494544362000.90201.1606948380034%40Atlassian.JIRA.
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Josh Cooper commented on PUP-7522 Re: Add the ability to view trusted fact values from an agent We could pretty easily add this to puppet ssl print. Just need to call something like: password = @cert_provider.load_private_key_password ssl_context = @ssl_provider.load_context(certname: certname, password: password) puts ssl_context.client_cert.to_text See the puppet ssl verify command. Add Comment This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Josh Cooper updated an issue Puppet / PUP-7522 Add the ability to view trusted fact values from an agent Change By: Josh Cooper Labels: beginner help_wanted Add Comment This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.190624.1494544362000.27156.1585721880095%40Atlassian.JIRA.
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title
Ralph Bolton commented on PUP-7522
Re: Add the ability to view trusted fact values from an agent
In a similar style to https://tickets.puppetlabs.com/browse/PUP-2630, I have been using: puppet apply -e 'notify{"abc$trusted":}'
Add Comment
This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)
--
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Owen Rodabaugh updated an issue Puppet / PUP-7522 Add the ability to view trusted fact values from an agent Change By: Owen Rodabaugh CS Priority: Normal CS Impact: While these facts can be found in the console, there are times when troubleshooting on the node it would be very nice to just get them via some kinda of puppet CLI command. CS Severity: 2 - Annoyance CS Business Value: 4 - $ CS Frequency: 3 - 25-50% of Customers Add Comment This message was sent by Atlassian JIRA (v7.0.2#70111-sha1:88534db)
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Josh Cooper updated an issue Puppet / PUP-7522 Add the ability to view trusted fact values from an agent Change By: Josh Cooper Labels: triaged Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Josh Cooper updated an issue Puppet / PUP-7522 Add the ability to view trusted fact values from an agent Change By: Josh Cooper Labels: help_wanted triaged Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Nate McCurdy updated an issue Puppet / PUP-7522 Add the ability to view trusted fact values from an agent Change By: Nate McCurdy Team: Agent Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title
Nate McCurdy updated an issue
Puppet / PUP-7522
Add the ability to view trusted fact values from an agent
Change By:
Nate McCurdy
h2. The problemThere is no current way—at least that I could find—for an agent to be able to view its trusted fact values using a {{puppet}} command.Someone that is troubleshooting a Puppet-built node would need to do one of:* Have root access on the Puppet master to run {{puppet cert print }}* Have API access to do a PuppetDB query* Run {{openssl x509 -text -noout -in $(puppet config print hostcert)}} to view certificate extensions but not have the OID mapping for trusted facts.The values of a trusted fact are not considered secret and are only trusted in that they've been signed by the CA. Also, they are plainly visible in the x509 certificate. An admin/Puppet user shouldn't need to know the intricacies of the {{openssl}} command to view that data. It seems silly that there is not a way to view this data from a {{puppet}} command.h2. The improvementThere should be some command, {{puppet }}, that shows the values of local trusted facts and their OID mappings if using one of the named OID values .
Add Comment
This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe)
--
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title
Nate McCurdy updated an issue
Puppet / PUP-7522
Add the ability to view trusted fact values from an agent
Change By:
Nate McCurdy
h2. The problem There is no current way —at least that I could find—for an agent to be able to view its trusted fact values using a {{puppet}} command.Someone that is troubleshooting a Puppet-built node would need to do one of:* Have root access on the Puppet master to run {{puppet cert print }}* Have API access to do a PuppetDB query* Run {{openssl x509 -text -noout -in $(puppet config print hostcert)}} to view certificate extensions but not have the OID mapping for trusted facts.The values of a trusted fact are not considered secret and are only trusted in that they've been signed by the CA. Also, they are plainly visible in the x509 certificate. An admin/Puppet user shouldn't need to know the intricacies of the {{openssl}} command to view that data. It seems silly that there is not a way to view this data from a {{puppet}} command.h2. The improvementThere should be some command, {{puppet }}, that shows the values of local trusted facts.
Add Comment
This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe)
--
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit
Jira (PUP-7522) Add the ability to view trusted fact values from an agent
Title: Message Title Nate McCurdy created an issue Puppet / PUP-7522 Add the ability to view trusted fact values from an agent Issue Type: Improvement Assignee: Unassigned Created: 2017/05/11 4:12 PM Priority: Normal Reporter: Nate McCurdy There is no current way Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe)
