fixes #2121, #2069 - authenticate to Foreman with SSL certificate
CVE-2013-0171 and CVE-2013-0174 were resolved by verifying client SSL certificates on Foreman interfaces used by puppetmasters. This change updates the ENC and report processors to provide and verify certificates by default.
Related issues
Bug #2069: (encrypted) root passwords are world readable
Bug #2121: Unauthenticated YAML fact and reports importers can be exploited
Added by Dominic Cleal over 11 years ago
fixes #2121, #2069 - authenticate to Foreman with SSL certificate
CVE-2013-0171 and CVE-2013-0174 were resolved by verifying client SSL
certificates on Foreman interfaces used by puppetmasters. This change updates
the ENC and report processors to provide and verify certificates by default.