Alexandros Kosiaris has submitted this change and it was merged. Change subject: puppet: CRL is now a file ......................................................................
puppet: CRL is now a file Our CRL is now a file, convert the apache directory to the correct one Also add a comment about the puppet bug with it's update problems Change-Id: I6ad02e04d3e4131a5d01016b15f5d855379e4496 --- M modules/puppetmaster/templates/web-frontend.conf.erb 1 file changed, 2 insertions(+), 1 deletion(-) Approvals: Alexandros Kosiaris: Looks good to me, approved jenkins-bot: Verified diff --git a/modules/puppetmaster/templates/web-frontend.conf.erb b/modules/puppetmaster/templates/web-frontend.conf.erb index 3c32e30..4f20a55 100644 --- a/modules/puppetmaster/templates/web-frontend.conf.erb +++ b/modules/puppetmaster/templates/web-frontend.conf.erb @@ -10,7 +10,8 @@ SSLCertificateChainFile /var/lib/puppet/ssl/certs/ca.pem # If Apache complains about invalid signatures on the CRL, you can try disabling # CRL checking by commenting the next line, but this is not recommended. - SSLCARevocationPath /var/lib/puppet/ssl/crl.pem + # NOTE: https://tickets.puppetlabs.com/browse/PUP-2310 says that CRL is not updated. Need to reevaluate this + SSLCARevocationFile /var/lib/puppet/ssl/crl.pem SSLVerifyClient <%= scope.lookupvar('puppetmaster::verify_client') %> SSLVerifyDepth 1 SSLOptions +StdEnvVars -- To view, visit https://gerrit.wikimedia.org/r/308501 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I6ad02e04d3e4131a5d01016b15f5d855379e4496 Gerrit-PatchSet: 1 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Alexandros Kosiaris <akosia...@wikimedia.org> Gerrit-Reviewer: Alexandros Kosiaris <akosia...@wikimedia.org> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits