-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Are you sure?
When I did this patch, and let puppet rebuild, the CN did appear to be set to the new name. Example: CN=puppet-ca.test.net Oh, and I forgot that you can't use '_' in a proper FQDN for my example below. And, no, I haven't had a chance to delve into the 2.6 series yet. Thanks, Trevor On 07/12/2010 09:18 PM, Jeff McCune wrote: > So this is unrelated. Have you tried your fix against 2.6.0rc ? The > name variable you modify does not change the ca cn field which is what > I was speaking to. > > Hence the ca_name configuration setting. > > On Monday, July 12, 2010, Trevor Vaughan <[email protected]> wrote: >> You need to add something to the FQDN to make this work properly. >> >> So, it should be something like Puppet CA #{Facter["fqdn"]}_ca" >> >> Trevor >> >> On 7/8/10, Jeff McCune <[email protected]> wrote: >>> On Wed, Jun 30, 2010 at 2:22 AM, Trevor Vaughan <[email protected]> >>> wrote: >>>> -----BEGIN PGP SIGNED MESSAGE----- >>>> Hash: SHA1 >>>> >>>> Yes, that's why it was a retro fix. >>> >>> I've verified Trevor's account is the problem and the solution, at least to: >>> >>> http://projects.puppetlabs.com/issues/1525 and >>> http://projects.puppetlabs.com/issues/3770 >>> >>> The current HEAD of master does not have this fix as the default, but >>> we do have --ca_name as a configuration option. >>> >>> I propose we set the default value of the ca_name configuration >>> parameter to be "Puppet CA #{Facter["fqdn"]}" >>> >>> By the way, the code Trevor mentioned doesn't appear to be valid for >>> 2.6, I had to specifically configure ca_name to get the desired >>> behavior, hacking the source[1] didn't have any effect. >>> >>> Spaces are fine in the CN field. >>> >>> [1] - >>> http://github.com/reductivelabs/puppet/blob/master/lib/puppet/sslcertificates/ca.rb#L158 >>> >>> Cheers, >>> -- >>> Jeff McCune >>> http://www.puppetlabs.com/ >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Puppet Developers" group. >>> To post to this group, send email to [email protected]. >>> To unsubscribe from this group, send email to >>> [email protected]. >>> For more options, visit this group at >>> http://groups.google.com/group/puppet-dev?hl=en. >>> >>> >> >> >> -- >> Trevor Vaughan >> Vice President, Onyx Point, Inc >> (410) 541-6699 >> [email protected] >> >> -- This account not approved for unencrypted proprietary information -- >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Developers" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/puppet-dev?hl=en. >> >> > - -- Trevor Vaughan Vice President, Onyx Point, Inc. email: [email protected] phone: 410-541-ONYX (6699) pgp: 0x6C701E94 - -- This account not approved for unencrypted sensitive information -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJMPEciAAoJECNCGV1OLcypGcIH+QHVydLQjL95q97G3xtBgOVN qq6QOt3c/pQvoZzkGXr3PXM0BaUlcp+yYPtO/5tu2YSH1/qYTcGb5Qf4y/KgRseQ V2JupCbbseFKGjXp45/3kebRinq62RPsjzGlV9KU2yYsSc0W8ksyTmV2GmUY23Gf OzkG/sN4RAS5qBzl1m9qs71AJt9wFRg2hHyKgmd2C6EecKttN4nfy/7NtY7tpOxb 1Vc6zhq8f9QhjM7M1VEvxiYBk955wxKwPEdPSBBkSGp5IkRN5EIklNYCfBkaxG4s X+4e7dQFm5aCDp+wxiaM1T/jgJQWzLeKRExIlBe2jQmbLdscsaG6RTFqXsoSAwk= =6oO+ -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
<<attachment: tvaughan.vcf>>
