The Puppet Labs Issue Tracker has Moved: https://tickets.puppetlabs.com

This issue tracker is now in read-only archive mode and automatic ticket export has been disabled. Redmine users will need to create a new JIRA account to file tickets using https://tickets.puppetlabs.com. See the following page for information on filing tickets with JIRA:

Feature #21732

Support for loading PEM files directly for HTTPS instead of just keystores

Added by Ken Barber almost 3 years ago. Updated over 2 years ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:-
Target version:1.4.0
Keywords: Affected PuppetDB version:
Branch:https://github.com/kbarber/puppetdb/tree/feature/master/no-more-keystore

We've Moved!

Ticket tracking is now hosted in JIRA: https://tickets.puppetlabs.com


Description

Currently we only support certificates stored in Java keystores, we should provide options to point at regular PEM files and load the keystore in memory ourself.

  • The theory is that this will simplify debugging, as users can point openssl tool directly at the files we use.
  • By not needing to load files into the keystores, our puppetdb-ssl-setup steps will be simpler.
  • Custom SSL setups (without puppetdb-ssl-setup) will also be less cumbersome.
  • Hopefully in the future we can point directly at the agent certificates, although file permissions proves a challenge atm.

History

#1 Updated by Ken Barber almost 3 years ago

  • Status changed from Unreviewed to Accepted
  • Branch set to https://github.com/kbarber/puppetdb/tree/feature/master/no-more-keystore

#2 Updated by Ken Barber almost 3 years ago

  • Status changed from Accepted to In Topic Branch Pending Review
  • Target version set to 1.4.0

#3 Updated by Ken Barber over 2 years ago

  • Status changed from In Topic Branch Pending Review to Merged - Pending Release

#4 Updated by Ken Barber over 2 years ago

  • Status changed from Merged - Pending Release to Closed

Also available in: Atom PDF