Project

General

Profile

Actions
Copy link

Feature #21159

open

Need a procedure to renew puppet CA after 5 years

Added by Ondřej Pražák over 6 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
PuppetCA
Target version:
-
Difficulty:
Triaged:
Bugzilla link:
1391222
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Description of problem:
The Puppet CA's expire 5 years after creation

How reproducible:
Always

Steps to Reproduce:
1. Install Foreman
2. Wait 5 years

Actual results:
Certs are expired

Expected results:
Certs are expired, but we provide a method to renew them

Additional info:
Typically, users regenerate the CA
and re-sign all the certs. Not very nice if you have a lot of clients. There's
something here about renewing it by reverse engineering the CSR:

https://gist.github.com/kbarber/6456420

No data to display

Actions
Copy link

Also available in: Atom PDF