Issue #23116 has been updated by Andrew Parker. Status changed from Unreviewed to Needs More Information
Sorry, forgot the assign this back to you when I asked my question. ---------------------------------------- Feature #23116: Allow verification of certificate validity and common name post factum https://projects.puppetlabs.com/issues/23116#change-99967 * Author: Jill Burrows * Status: Needs More Information * Priority: Immediate * Assignee: Andrew Parker * Category: SSL * Target version: * Affected Puppet version: * Keywords: * Branch: ---------------------------------------- A terminus may want to fetch information over the network from a server: * with a certificate signed by our CA * with a certificate whose subject name does not match the DNS name * for which subject alternative names are not an option In this case SSL validation will fail if VALIDATE_PEER is set. However, we expect the certificate to have a specific name which matches the service name We would like to have the ability to make a request and verify the expected identity after making the request. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.