Project

General

Profile

Actions

Architecture #14818

closed

Architecture #14008: Replace syslog by an HTTPS based communication for reporting

Generate a certificate for unix agents

Added by Alexis Mousset over 5 years ago. Updated about 5 years ago.

Status:
Released
Priority:
N/A
Category:
Agent
Target version:
Effort required:
Name check:
Fix check:
Regression:

Description

Currently we only have a keypair. Generate certificate from the existing key to allow easy signing of reports.

On windows, we do:

$cmd2 = "set `"OPENSSL_CONF=$rudderBase\etc\ssl\openssl.cnf`" && `"$rudderBase\bin\openssl.exe`" req -new -sha256 -key `"$rudderBase\etc\ssl\localhost.priv`" -out `"$rudderBase\etc\ssl\localhost.cert`" -passin `"pass:Rudder-dsc passphrase`" -x509 -days 3650 -extensions agent_cert -subj `"/CN=$env:computername/UID=$guid`"" 


Subtasks 17 (0 open17 closed)

Architecture #14819: Add openssl configuration to agent packageReleasedBenoît PECCATTEActions
Architecture #14845: Remoge key generation from system techniquesReleasedAlexis MoussetActions
Architecture #14849: Backup certificate when installing/upgradingReleasedAlexis MoussetActions
Bug #14851: Backup certificate when installing/upgradingReleasedAlexis MoussetActions
Bug #14850: Generate a certificate for unix agentsReleasedAlexis MoussetActions
Architecture #14856: Add agent certificate to unix inventoriesReleasedFrançois ARMANDActions
Architecture #14857: Add certificate to inventory in fusionReleasedAlexis MoussetActions
Architecture #15211: Add a system variable containing all nodes certsRejectedActions
Architecture #15212: Generate a file on root server containing all nodes certificateReleasedFrançois ARMANDActions
Architecture #15238: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/sslReleasedBenoît PECCATTEActions
Architecture #15240: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/ssl - techniquesReleasedBenoît PECCATTEActions
Bug #15356: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/ssl - techniquesReleasedAlexis MoussetActions
Architecture #15277: Broken relay postinst after certs moveReleasedBenoît PECCATTEActions
Bug #15292: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/sslReleasedAlexis MoussetActions
Bug #15295: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/sslReleasedAlexis MoussetActions
Bug #15298: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/sslReleasedAlexis MoussetActions
Bug #15301: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/sslReleasedAlexis MoussetActions
Actions

Also available in: Atom PDF