Jira (PUP-2354) agent is confused about cert state

2019-03-21 Thread Heston Hoffman (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Heston Hoffman updated an issue  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
 Puppet /  PUP-2354  
 
 
  agent is confused about cert state   
 

  
 
 
 
 

 
Change By: 
 Heston Hoffman  
 
 
Labels: 
 redmine  resolved-issue-added  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2019-03-20 Thread Josh Cooper (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Josh Cooper updated an issue  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
 Puppet /  PUP-2354  
 
 
  agent is confused about cert state   
 

  
 
 
 
 

 
Change By: 
 Josh Cooper  
 
 
Release Notes Summary: 
 Puppet agents no longer get stuck if the server has a CSR or cert from a previous instance of the agent. This enables the `allow_duplicate_certs` setting to work as expected.  
 
 
Release Notes: 
 Known Issue Bug Fix  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2019-03-20 Thread Josh Cooper (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Josh Cooper commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 In the upcoming 6.4 release, it will be possible to set allow_duplicate_certs=true, and the agent can submit a CSR even if there is a CSR or signed cert with the same name. If/when the administrator revokes the old cert and signs the new cert, then the agent will download the new cert and proceed as expected. Some of the gotchas described by the OP and in comments have been fixed, such as caching mismatched CSRs from the server. For example, if a node has a valid client cert and you clean it, it will create a new private key and download the previous instance of the cert. Since the cert is mismatched, the agent will error and discard it:  
 
 
 
 
 $ bx puppet ssl clean --certname mars  
 
 
 Notice: Removed private key /tmp/ssltest26/private_keys/mars.pem  
 
 
 Notice: Removed certificate /tmp/ssltest26/certs/mars.pem  
 
 
    
 
 
 $ bx puppet agent -t --certname mars  
 
 
 Info: Creating a new SSL key for mars  
 
 
 Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml  
 
 
 Info: Creating a new SSL certificate request for mars  
 
 
 Info: Certificate Request fingerprint (SHA256): 09:50:AC:D9:55:43:D2:33:C7:CA:FF:B2:08:58:03:E7:1B:C9:AC:6D:01:4D:C7:34:43:85:64:67:22:03:64:DA  
 
 
 Info: Downloaded certificate for mars from puppet.delivery.puppetlabs.net  
 
 

Jira (PUP-2354) agent is confused about cert state

2019-03-12 Thread Mohak Sharma (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Mohak Sharma commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 Hi Josh, I have set autosign to a bash script which return zero or non-zero status according to some logic and enables autosigning from a legitimate source. Just want to make sure according to the limitations listed by you, will it work if I set allow_duplicate_certs to true?  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2019-02-07 Thread Josh Cooper (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Josh Cooper commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 There are a few issues here. Newly provisioned agents generate a key pair, but optimistically try to download an issued cert before sending a CSR. This is due to the byzantine logic in Puppet::SSL::Host. If there happens to be an issued cert from the previous agent instance, then the agent prints the error message about a mismatched key and cert, and to make matters worse, saves the mismatched cert to disk. This breaks all future attempts to bootstrap the agent's cert. I am working on fixing this mess as described in other tickets in this Epic. But I have a few questions for watchers on this specific ticket. Assuming allow_duplicate_certs=true, I'm proposing: 
 
If the agent submits a CSR and there is already a CSR present on the server (same or different content), then the server will overwrite its version with whatever the agent sent. 
If the agent submits a CSR and there is already an issued cert (from possibly a previous instance), the server will save the agent's CSR, but leave the issued cert as-is. 
We have to be careful about "automatically" revoking old certs and signing new ones, because a malicious unauthenticated user could submit a CSR for the ca or puppetserver node. 
 Would it be sufficient to restrict the scope of this to: 
 
If you set allow_duplicate_certs=true then autosign must be false or you must provide an autosigning policy to conditionally clean the old instance and issue a new cert? In particular autosign=true would not be allowed. 
If an autosign policy is used, then it's up to the user to define when it it acceptable to clean a node's cert, such as using the AWS instance-id Eric Sorenson mentions above? 
We should blacklist the ca node and any node name whose cert contains the isCA: TRUE basic constraint 
We could only allow certs to be revoked if they contain a cert extension indicating they are "recycle-able", something like pp_ephemeral=true. Infrastructure nodes like compiler, etc wouldn't have that extension in their cert. 
 Thoughts?  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

 

Jira (PUP-2354) agent is confused about cert state

2019-01-17 Thread Adam Bottchen (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Adam Bottchen updated an issue  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
 Puppet /  PUP-2354  
 
 
  agent is confused about cert state   
 

  
 
 
 
 

 
Change By: 
 Adam Bottchen  
 
 
CS Priority: 
 Needs Priority Reviewed  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2019-01-03 Thread Thomas Kishel (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Thomas Kishel updated an issue  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
 Puppet /  PUP-2354  
 
 
  agent is confused about cert state   
 

  
 
 
 
 

 
Change By: 
 Thomas Kishel  
 
 
CS Priority: 
 Needs Priority  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2019-01-03 Thread Thomas Kishel (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Thomas Kishel updated an issue  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
 Puppet /  PUP-2354  
 
 
  agent is confused about cert state   
 

  
 
 
 
 

 
 If `allow_duplicate_certs` is broken, we should document it as a known issue to spare users the frustration of trying to utilize it?  
 

  
 
 
 
 

 
Change By: 
 Thomas Kishel  
 
 
Release Notes: 
 Known Issue  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2019-01-03 Thread Jayant Sane (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Jayant Sane assigned an issue to Unassigned  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
 Puppet /  PUP-2354  
 
 
  agent is confused about cert state   
 

  
 
 
 
 

 
Change By: 
 Jayant Sane  
 
 
Assignee: 
 Jayant Sane  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2019-01-02 Thread Tama MA (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Tama MA commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 Noted with thanks.  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2019-01-02 Thread Thomas Kishel (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Thomas Kishel commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 Tama, your best practices question falls outside the scope of this product engineering ticketing system. That said, certificates are integral to the Puppet Agent/Server model as they are used to establish identity as well as encryption, so there is no supported practice to select as best.  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2019-01-02 Thread Josh Cooper (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Josh Cooper commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 

could you give us an update of the best practices to disable agent SSL certification... Therefore, there is no need for extra SSL protection by Puppet.
 There isn't currently a way to disable SSL, because puppet relies on client certs for client authentication (so it's more than confidentiality and integrity). Puppet also relies on client certs to provide trusted facts during compilation. The question of disabling SSL has come up before, eg. https://groups.google.com/d/msg/puppet-users/5Y4BgGgsoRk/8A6GThP_BgAJ. I'd suggest filling a new ticket as it's unrelated to this particular issue.  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2019-01-02 Thread Tama MA (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Tama MA commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 Hi Josh, Noted with thanks.  After fixing this bug, could you kindly give us an update of the best practices to disable agent SSL certification? FYI: My entire infrastructure is VPN protected, with all ports listening to VPN interface. Therefore, there is no need for extra SSL protection by Puppet. Thanks! Kind regards, Tama Ma  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2019-01-02 Thread Josh Cooper (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Josh Cooper commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 We were not able to resolve the agent-side issues in Puppet6. That said, I am working on a set of PRs so the agent no longer uses the indirector to manage its cert/keys.  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2018-10-05 Thread Jayant Sane (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Jayant Sane assigned an issue to Jayant Sane  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
 Puppet /  PUP-2354  
 
 
  agent is confused about cert state   
 

  
 
 
 
 

 
Change By: 
 Jayant Sane  
 
 
Assignee: 
 Jayant Sane  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2018-09-05 Thread Noam Davida (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Noam Davida commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 Still same issue, guys we can't work like this, can someone fix this please? This feature is useless: 
 

 
 
allow_duplicate_certs = true 
 

 
  I'm using Puppet in lab env, needs to reinstall multiple machines daily,  Please either fix above or release an option to not use certification at all.      
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2018-09-05 Thread Noam Davida (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Noam Davida updated an issue  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
 Puppet /  PUP-2354  
 
 
  agent is confused about cert state   
 

  
 
 
 
 

 
Change By: 
 Noam Davida  
 
 
Priority: 
 Normal Critical  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2018-04-18 Thread Tama MA (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Tama MA commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 Matt Moldvan Your workaround will work. Thank you so much!  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2018-04-18 Thread Matt Moldvan (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Matt Moldvan commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 Years later and I ran into this today when attempting to assist set up of an auto scaled environment in AWS.  Unfortunate that this is still a thing in 2018. At first appending the EC2 instance id to the beginning of the cert name was working, but when attempting to run Puppet from an EC2 user data script, the behavior was unpredictable and I got the dreaded key mismatch error.  So I found allow_duplicate_certs, set it to true and thought we'd be good, but then found this bug report still lingering with one or two "can I have an update" every year or two. I ended up having the devs use uuidgen in the certname option to create a temporary cert when new instances are provisioned.  I don't foresee a collision there or issues with accessing the EC2 metadata early in the provision process, so that appears to be a workaround for now.  Leaving it here for anyone else that runs into this same issue...  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2018-03-23 Thread Tama MA (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Tama MA commented on  PUP-2354  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: agent is confused about cert state   
 

  
 
 
 
 

 
 Is there anyway to get rid of SSL altogether? +My entire cluster runs on top of VPN, so I do not need SSL from puppet. Otherwise, I will need allow_duplicate_certs = true to work on agents. It is really unproductive to delete certs from the master, everytime I vagrant destroy / up couple of nodes per day.  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2018-03-16 Thread Josh Cooper (JIRA)
Title: Message Title


 
 
 
 

 
 
 

 
   
 Josh Cooper updated an issue  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
 Puppet /  PUP-2354  
 
 
  agent is confused about cert state   
 

  
 
 
 
 

 
Change By: 
 Josh Cooper  
 
 
Sub-team: 
 Coremunity  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2017-11-08 Thread Daniel Heller (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Daniel Heller commented on  PUP-2354 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
  Re: agent is confused about cert state  
 
 
 
 
 
 
 
 
 
 
I'd appreciate an update too. Any chance of a fix in Puppet 5? 
And I presume the misspelling of allow_duplicate_certs in the Description is just a typo there, ie nobody's actually tested with it like that? 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v7.0.2#70111-sha1:88534db) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2017-11-08 Thread Eric Sorenson (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Eric Sorenson updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Eric Sorenson 
 
 
 
 
 
 
 
 
 
 On my master, I set:{code}[main]   allow_deplicate_certs   allow_duplicate_certs  = true{code}on the master, I regenerate a private key, I get the failure:{noformat}root@cygnet-2:~# puppet agent -t --ssldir=/tmp/info: Creating a new SSL key for cygnet-2.cygnet.labwarning: peer certificate won't be verified in this SSL sessioninfo: Caching certificate for cawarning: peer certificate won't be verified in this SSL sessioninfo: Caching certificate for cygnet-2.cygnet.laberr: Could not request certificate: The certificate retrieved from the master does not match the agent's private key.Certificate fingerprint: B5:FE:4C:B6:D8:75:2C:8D:FD:05:48:53:43:DC:B4:10To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate.On the master:  puppet cert clean cygnet-2.cygnet.labOn the agent:  rm -f /tmp/certs/cygnet-2.cygnet.lab.pem  puppet agent -t{noformat}It appears that the agent does not actually resend its cert req if one already exists, meaning that allow duplicate certs does not work with puppet agent.This issue was observed with Puppet 2.7.12, but I do not believe it is a regression. 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v7.0.2#70111-sha1:88534db) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to 

Jira (PUP-2354) agent is confused about cert state

2017-08-07 Thread Karen Van der Veer (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Karen Van der Veer updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Karen Van der Veer 
 
 
 

Sprint:
 
 Client 2016-05-18 , Platform Core Grooming 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2017-08-04 Thread Karen Van der Veer (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Karen Van der Veer updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Karen Van der Veer 
 
 
 

Sprint:
 
 Client 2016-05-18, Platform Core  2017-09-19  Grooming 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2017-08-04 Thread Karen Van der Veer (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Karen Van der Veer updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Karen Van der Veer 
 
 
 

Sprint:
 
 Client 2016-05-18, Platform Core 2017-09- 05 19 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2017-08-01 Thread Maggie Dreyer (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Maggie Dreyer updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Maggie Dreyer 
 
 
 

Sprint:
 
 Client 2016-05-18 , Platform Core 2017-09-05 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2017-07-03 Thread James G (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 James G commented on  PUP-2354 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
  Re: agent is confused about cert state  
 
 
 
 
 
 
 
 
 
 
Still broken on 4.10. Seriously guys, are you going for a record on longest lasting bug in code history? 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2017-05-18 Thread Moses Mendoza (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Moses Mendoza updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Moses Mendoza 
 
 
 

Labels:
 
 redmine  triaged 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2017-05-16 Thread Maggie Dreyer (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Maggie Dreyer updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Maggie Dreyer 
 
 
 

Team:
 
 Agent 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2017-05-16 Thread Maggie Dreyer (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Maggie Dreyer updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Maggie Dreyer 
 
 
 

Labels:
 
 redmine  triaged 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2017-04-06 Thread Brandon Ess (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Brandon Ess commented on  PUP-2354 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
  Re: agent is confused about cert state  
 
 
 
 
 
 
 
 
 
 
Any update on this issue? I would like to get this feature working as expected. Running PE 2016.4.3. 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-07-08 Thread William Hopper (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 William Hopper updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 William Hopper 
 
 
 

Sprint:
 
 Client 2016-05-18 , Client 2016-07-13 (HA, 1.5.3) 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-06-22 Thread Eric Sorenson (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Eric Sorenson commented on  PUP-2354 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
  Re: agent is confused about cert state  
 
 
 
 
 
 
 
 
 
 
ping Stan Duffy and Adrien Thebo since we talked about this in the backlog grooming - hoisting this up for investigation. 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-06-22 Thread Eric Sorenson (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Eric Sorenson updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Eric Sorenson 
 
 
 

Sprint:
 
 Client  Community Triage, Client  2016-05-18 , Client 2016-07-13 (HA, 1.5.3) 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-06-09 Thread Pierre-Gilles Mialon (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Pierre-Gilles Mialon commented on  PUP-2354 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
  Re: agent is confused about cert state  
 
 
 
 
 
 
 
 
 
 
We have also tested this patch it works as expected, thanks! I see that this patch is in community triage, when is the next step? 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-05-18 Thread Branan Riley (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Branan Riley updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Branan Riley 
 
 
 

Sprint:
 
 Client  2016-05-18  Community Triage , Client 2016- 06 05 - 01 18 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-05-18 Thread Steve Barlow (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Steve Barlow updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Steve Barlow 
 
 
 

Sprint:
 
 Client 2016-05-18 , Client 2016-06-01 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-05-04 Thread Stan Duffy (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Stan Duffy updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Stan Duffy 
 
 
 

QA Risk Assessment Reason:
 
 Happens all the tie 
 
 
 

QA Highest Test Level:
 
 Acceptance 
 
 
 

QA Risk Severity Reason:
 
 Duplicate certs are rarely required 
 
 
 

QA Risk Probability:
 
 Low 
 
 
 

QA Risk Severity:
 
 Medium 
 
 
 

QA Status:
 
 Reviewed 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 

Jira (PUP-2354) agent is confused about cert state

2016-05-04 Thread Stan Duffy (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Stan Duffy updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Stan Duffy 
 
 
 

QA Risk Assessment:
 
 High 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-05-04 Thread Branan Riley (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Branan Riley updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Branan Riley 
 
 
 

Story Points:
 
 1 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-05-04 Thread Steve Barlow (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Steve Barlow updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Steve Barlow 
 
 
 

Scrum Team:
 
 Client Platform 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-05-03 Thread Branan Riley (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Branan Riley assigned an issue to Branan Riley 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Branan Riley 
 
 
 

Assignee:
 
 Branan Riley 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-05-03 Thread Branan Riley (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Branan Riley updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Branan Riley 
 
 
 

Sprint:
 
 Client 2016-05-18 (Freeze) 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-04-20 Thread JIRA
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Raphaël RONDEAU commented on  PUP-2354 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
  Re: agent is confused about cert state  
 
 
 
 
 
 
 
 
 
 
I made a quick patch, tested on my infra, let me know if it's ok for you. 
https://github.com/puppetlabs/puppet/pull/4897 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-03-30 Thread Harley Larsen (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Harley Larsen commented on  PUP-2354 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
  Re: agent is confused about cert state  
 
 
 
 
 
 
 
 
 
 
Looks like we're seeing this one as well - since it's been a few months, can anyone provide any new insight? I'm more than happy to help debug, but it seems pretty clear there is an issue here. 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2016-01-18 Thread Ahmad Jagot (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Ahmad Jagot commented on  PUP-2354 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
  Re: agent is confused about cert state  
 
 
 
 
 
 
 
 
 
 
This is still broken on 3.8.1 
We've tried Eric Sorenson's suggestion, which does not work either – the script does not get run, because [afaict] the client refuses to talk to the CA, when the public key the latter provides doesn’t verify against the former’s freshly-generated SSL key. 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.12#64027-sha1:e3691cc) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2015-10-19 Thread Kristin Laemmert (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Kristin Laemmert commented on  PUP-2354 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
  Re: agent is confused about cert state  
 
 
 
 
 
 
 
 
 
 
I'm a year late to the game, but: I would much rather this be fixed or removed from documentation - I already auto-sign everything, I don't want to add a step there if this should be an available option.  I'm on PE 3.8  
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.11#64026-sha1:78f6ec4) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2014-12-29 Thread Aaron Armstrong (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Aaron Armstrong updated an issue 
 
 
 
 
 
 
 
 
 
 


 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Aaron Armstrong 
 
 
 

Component/s:
 
 Server 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 


 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.3.10#6340-sha1:7ea293a) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups Puppet Bugs group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.


Jira (PUP-2354) agent is confused about cert state

2014-12-29 Thread Aaron Armstrong (JIRA)
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Aaron Armstrong updated an issue 
 
 
 
 
 
 
 
 
 
 


 
 
 
 
 
 
 Puppet /  PUP-2354 
 
 
 
  agent is confused about cert state  
 
 
 
 
 
 
 
 
 

Change By:
 
 Aaron Armstrong 
 
 
 

Summary:
 
 agentisconfusedabout it's certstate 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 


 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.3.10#6340-sha1:7ea293a) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups Puppet Bugs group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.