Alexandros Kosiaris has submitted this change and it was merged.
Change subject: puppet: CRL is now a file
......................................................................
puppet: CRL is now a file
Our CRL is now a file, convert the apache directory to the correct one
Also add a comment about the puppet bug with it's update problems
Change-Id: I6ad02e04d3e4131a5d01016b15f5d855379e4496
---
M modules/puppetmaster/templates/web-frontend.conf.erb
1 file changed, 2 insertions(+), 1 deletion(-)
Approvals:
Alexandros Kosiaris: Looks good to me, approved
jenkins-bot: Verified
diff --git a/modules/puppetmaster/templates/web-frontend.conf.erb
b/modules/puppetmaster/templates/web-frontend.conf.erb
index 3c32e30..4f20a55 100644
--- a/modules/puppetmaster/templates/web-frontend.conf.erb
+++ b/modules/puppetmaster/templates/web-frontend.conf.erb
@@ -10,7 +10,8 @@
SSLCertificateChainFile /var/lib/puppet/ssl/certs/ca.pem
# If Apache complains about invalid signatures on the CRL, you can try
disabling
# CRL checking by commenting the next line, but this is not recommended.
- SSLCARevocationPath /var/lib/puppet/ssl/crl.pem
+ # NOTE: https://tickets.puppetlabs.com/browse/PUP-2310 says that CRL is
not updated. Need to reevaluate this
+ SSLCARevocationFile /var/lib/puppet/ssl/crl.pem
SSLVerifyClient <%= scope.lookupvar('puppetmaster::verify_client') %>
SSLVerifyDepth 1
SSLOptions +StdEnvVars
--
To view, visit https://gerrit.wikimedia.org/r/308501
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I6ad02e04d3e4131a5d01016b15f5d855379e4496
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Alexandros Kosiaris <akosia...@wikimedia.org>
Gerrit-Reviewer: Alexandros Kosiaris <akosia...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
