[Pkg-puppet-devel] Bug#525850: puppet: Requesting new certificate will overwrite CA certificate
Micah Anderson
micah at riseup.net
Sat Sep 29 21:28:26 UTC 2012
Hello,
> attached is a patch that I use to prevent puppet from overwriting the
> CA certificate if it is already present on the local host.
When you reported this bug, it was for 0.24, does this still happen with newer
versions of puppet?
> --- puppet.orig/lib/puppet/network/client/ca.rb
> +++ puppet/lib/puppet/network/client/ca.rb
> @@ -48,7 +48,9 @@
>
> # Only write the cert out if it passes validating.
> Puppet.settings.write(:hostcert) do |f| f.print cert end
> - Puppet.settings.write(:localcacert) do |f| f.print cacert end
> + unless FileTest.exist?(Puppet[:localcacert])
> + Puppet.settings.write(:localcacert) do |f| f.print cacert end
> + end
>
> @cert
> end
In newer versions of puppet, most of the above code doesn't exist anywhere I
could find, so I guess that this has either been resolved in newer versions, or
you have been forward porting this patch to new versions? If you do have a newer
version, could you send it to the bug report?
micah
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-puppet-devel/attachments/20120929/4b6cf486/attachment.pgp>
More information about the Pkg-puppet-devel
mailing list