Bug #14543
closed
PupeptCA Smart Proxy should "rm" certificate request files
Description
Currently, if a "unsigned" puppet certificate request should be "deleted", the smart proxy calls:
Apr 8 10:44:48 puppet sudo: foreman-proxy : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/puppet cert --ssldir #{ssldir} --clean webserver-test1.XX.XX.XX.XX
Apr 8 10:44:55 puppet sudo: foreman-proxy : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/puppet cert --ssldir #{ssldir} --list --all
Apr 8 10:44:55 puppet sudo: foreman-proxy : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/puppet cert --ssldir #{ssldir} --list --all
Apr 8 10:44:55 puppet sudo: foreman-proxy : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/puppet cert --ssldir #{ssldir} --list --all
However this does not clear the certifcate request.
The smart proxy should just "sudo rm -f SSLDIR/ca/requests/webserver-test1.XX.XX.XX.XX.pem"
Note: This also needs a new "SUDO" Command in the foreman installer to allow this removal:
foreman-proxy ALL = (root) NOPASSWD : /bin/rm #{ssldir}/ca/requests/Files
Updated by Dominic Cleal about 8 years ago
- Is duplicate of Bug #3995: pending certificates don't get deleted with puppet 3.x added
Updated by Dominic Cleal about 8 years ago
- Status changed from New to Duplicate
Thanks for the report, this is being tracked under ticket #3995 and PUP-1916.