Jira (PUP-8889) Puppet Agent : cannot add certificates for HTTPS
Title: Message Title zendesk.jira updated an issue Puppet / PUP-8889 Puppet Agent : cannot add certificates for HTTPS Change By: zendesk.jira Labels: jira_escalated Add Comment This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.252300.1527079707000.142137.1613456040103%40Atlassian.JIRA.
Jira (PUP-8889) Puppet Agent : cannot add certificates for HTTPS
Title: Message Title zendesk.jira updated an issue Puppet / PUP-8889 Puppet Agent : cannot add certificates for HTTPS Change By: zendesk.jira Zendesk Ticket Count: 1 Zendesk Ticket IDs: 43200 Add Comment This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.252300.1527079707000.142136.1613456040046%40Atlassian.JIRA.
Jira (PUP-8889) Puppet Agent : cannot add certificates for HTTPS
Title: Message Title Josh Cooper commented on PUP-8889 Re: Puppet Agent : cannot add certificates for HTTPS Thanks Thomas Mueller and Franck Jouvanceau, closing. Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8889) Puppet Agent : cannot add certificates for HTTPS
Title: Message Title Thomas Mueller commented on PUP-8889 Re: Puppet Agent : cannot add certificates for HTTPS just FYI: on EL (RHEL/CentOS) and Fedora System CA trust certs in PEM format is managed in /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (by the update-ca-trust utility). There's also a java keystore: /etc/pki/ca-trust/extracted/java/cacerts If I wan't to add a custom/enterprise cert for my systems I'll add it to /etc/pki/ca-trust/source/anchors/ and after executing update-ca-trust system cert bundles contain my certs and wget/curl/openjdk will accept my TLS connections - but not puppet, because of its own openssl libs. Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8889) Puppet Agent : cannot add certificates for HTTPS
Title: Message Title Franck Jouvanceau commented on PUP-8889 Re: Puppet Agent : cannot add certificates for HTTPS Thomas Mueller thanks again, tested everything is fine, this issue can be closed Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8889) Puppet Agent : cannot add certificates for HTTPS
Title: Message Title Franck Jouvanceau commented on PUP-8889 Re: Puppet Agent : cannot add certificates for HTTPS Ok, thanks a lot for the information. yes, we are using /etc/pki/ca-trust/source/anchors ok we'll do something like : file { '/opt/puppetlabs/puppet/ssl/certs': ensure => 'directory', source => '/etc/pki/ca-trust/source/anchors', recurse => true, } ~> exec { 'rehash puppetlabs certs': command => '/opt/puppetlabs/puppet/bin/c_rehash /opt/puppetlabs/puppet/ssl/certs', refreshonly => true, } Add Comment
Jira (PUP-8889) Puppet Agent : cannot add certificates for HTTPS
Title: Message Title Thomas Mueller commented on PUP-8889 Re: Puppet Agent : cannot add certificates for HTTPS Franck Jouvanceau 08fa37bb.0 is some hash id of the CA cert. this is an OpenSSL thing. after putting a cert into the directory with a human-readable filename you'll need to run c_rehash /opt/puppetlabs/puppet/ssl/certs/ (https://www.openssl.org/docs/man1.0.2/apps/c_rehash.html) to create hash symlinks. Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8889) Puppet Agent : cannot add certificates for HTTPS
Title: Message Title Craig Gomes updated an issue Puppet / PUP-8889 Puppet Agent : cannot add certificates for HTTPS Change By: Craig Gomes Team: Coremunity Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-8889) Puppet Agent : cannot add certificates for HTTPS
Title: Message Title Branan Riley moved an issue Puppet / PUP-8889 Puppet Agent : cannot add certificates for HTTPS Change By: Branan Riley Affects Version/s: puppet-agent 5.5.1 Affects Version/s: puppet-agent 1.10.9 Affects Version/s: PUP 4.10.9 Affects Version/s: PUP 5.5.1 Key: PA PUP - 2059 8889 Project: Puppet Agent Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)