Project

General

Profile

Architecture #15212

Architecture #14008: Replace syslog by an HTTPS based communication for reporting

Architecture #14818: Generate a certificate for unix agents

Generate a file on root server containing all nodes certificate

Added by Alexis MOUSSET about 1 year ago. Updated 9 months ago.

Status:
Released
Priority:
N/A
Category:
System integration
Target version:
Effort required:

Description

The file containing all certificates is just a concatenation of all PEM node certificates.
It will be located at: /opt/rudder/etc/ssl/allnodescerts.pem

After file is writen, Rudder must ask relayd to reload. For that, it will call a command from configuration file (that can be updated at any time).

The default command is: `/bin/rudder relay reload`.


Related issues

Related to Rudder - Architecture #15238: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/sslReleasedBenoît PECCATTEActions
#1

Updated by François ARMAND about 1 year ago

  • Category changed from Techniques to System integration
  • Parent task changed from #15211 to #14818

We are going to directly generate a file with all certs in path:

/opt/rudder/etc/ssl/allnodescerts.pem

The file will be the concatenation of all know node certificate. For now, it will be generated during policy generation, but there is no need to do so: we will be able to just add node certificate when an inventory is updated, and remove cert when a node is deleted.

#2

Updated by François ARMAND about 1 year ago

  • Status changed from New to In progress
  • Assignee set to François ARMAND
#3

Updated by François ARMAND about 1 year ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from François ARMAND to Vincent MEMBRÉ
  • Pull Request set to https://github.com/Normation/rudder/pull/2313
#4

Updated by François ARMAND about 1 year ago

  • Related to Architecture #15238: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/ssl added
#5

Updated by Rudder Quality Assistant about 1 year ago

  • Status changed from Pending technical review to Discussion
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
#6

Updated by François ARMAND about 1 year ago

  • Assignee changed from François ARMAND to Vincent MEMBRÉ
#7

Updated by François ARMAND about 1 year ago

  • Status changed from Discussion to Pending technical review
#8

Updated by Rudder Quality Assistant about 1 year ago

  • Status changed from Pending technical review to Discussion
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
#9

Updated by François ARMAND about 1 year ago

  • Description updated (diff)
  • Status changed from Discussion to Pending technical review
  • Assignee changed from François ARMAND to Vincent MEMBRÉ
#10

Updated by Rudder Quality Assistant about 1 year ago

  • Status changed from Pending technical review to Discussion
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
#11

Updated by François ARMAND about 1 year ago

  • Status changed from Discussion to Pending technical review
  • Assignee changed from François ARMAND to Vincent MEMBRÉ
#12

Updated by Rudder Quality Assistant about 1 year ago

  • Status changed from Pending technical review to Discussion
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
#13

Updated by François ARMAND about 1 year ago

  • Status changed from Discussion to Pending release
#14

Updated by Vincent MEMBRÉ 9 months ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 6.0.0~beta1 which was released today.

Also available in: Atom PDF