Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • fix-vardir-ownership
  • 14.0.0
  • 13.0.0
  • 12.1.0
  • 12.0.1
  • 12.0.0
  • 11.0.1
  • 11.0.0
  • 10.1.0
  • 10.0.0
  • 9.1.0
  • 9.0.3
  • 7.1.4
  • 9.0.1
  • 9.0.0
  • 8.2.0
  • 8.1.0
  • 8.0.4
  • 7.1.3
  • 7.1.2
  • 8.0.3
22 results

puppet-puppet-deleted-2844

  • Clone with SSH
  • Clone with HTTPS
    • user avatar
    also allow whitelisted admin clients to clean certs
    Thore Bödecker authored and Ewoud Kohl van Wijngaarden committed 
    During #728 a regression was introduced, denying the other whitelisted
admin clients cleaning/deletion of certificates:

```
2020-06-02T16:30:47.856+02:00 ERROR [qtp1105504743-114201] [p.t.a.rules] Forbidden request: puppetserver01.[...] access to /puppet-ca/v1/certificate_status/my.fancy.hostname (method :delete) (authenticated: true) denied by rule 'Allow nodes to delete their own certificates'.
```

The solution is to re-allow the entries within
`@server_admin_api_whitelist`, which usually contain "localhost" and the
fqdn of the puppetserver CA system.
    f63fdaa5
    History
    user avatar f63fdaa5
    History
    Name Last commit Last update