Hi Matthew,
Use your imagination. Puppet is not directly accessible to the
internet, but there are puppet clients which are. Shared web servers,
mail servers etc. I'm paid to be paranoid..
Thanks. Tom.
On 08/04/14 20:43, Matthew Burgess wrote:
On 8 Apr 2014 09:29, "Tom" <t...@t0mb.net <mailto:t...@t0mb.net>> wrote:
>
> Hi,
>
> In light of the recently publicised vulnerability in OpenSSL
versions provided on RHEL6/CentOS6 http://heartbleed.com/, do you have
any recommendations on a procedure to regenerate new master
certificates and then revoke, clean and re-sign all client SSL
certificates?
Whilst I can't offer any direct answer to your question, and agree
that it's a generally useful thing to have in the toolbox, I'm
slightly inquisitive as to why you feel that action is necessary for
this vulnerability. Is your Puppet Master accessible publically via
the Internet and if so, why is that? If it isn't directly accessible
via the Internet who/what is it that you think could have exploited
the vulnerability?
Thanks,
Matt
--
You received this message because you are subscribed to the Google
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users+unsubscr...@googlegroups.com
<mailto:puppet-users+unsubscr...@googlegroups.com>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/CAKUTv3%2BNsfq3%2Batkib6WQ%3DaHNRtXPVbkZh7P6EDoktYD6%2B_HUQ%40mail.gmail.com
<https://groups.google.com/d/msgid/puppet-users/CAKUTv3%2BNsfq3%2Batkib6WQ%3DaHNRtXPVbkZh7P6EDoktYD6%2B_HUQ%40mail.gmail.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/5344F7EC.4040807%40t0mb.net.
For more options, visit https://groups.google.com/d/optout.