The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com
`puppetca --clean' does not remove the host CSR
|Affected Puppet version:||0.25.0||Branch:|
Ticket tracking is now hosted in JIRA: https://tickets.puppetlabs.com
This ticket may be automatically exported to the PUP project on JIRA using the button below:
After a `puppetca —clean
$libdir/puppet/ssl/csr_ file is left behind. The next puppetd invocation yields the following error:
err: Could not request certificate: Certificate does not match private key. Try 'puppetca --clean
' on the server.
But that advice doesn’t fix the problem.
What does work is removing the
$libdir/puppet/ssl/csr_ file after which the next puppetd invocation properly yields a new certificate.
To handle this case, should `puppetca —clean' not also remove the CSR file if present?
#8 Updated by Nicolas Valcarcel almost 4 years ago
I’m trying to work on this as my first contribution to puppet so i learn from the code and the community since it seems simple enough, after diving in the code i found that a line for removing the file from disk should be added in self.destroy function at ssl/host.rb the only issue i have to write that line is how to get the path of the certificate, i found that maybe the inventory class can help, but i don’t find the inheriting path to use it from that function, am i missing something?