Project

General

Profile

Actions

Architecture #15212

closed

Architecture #14008: Replace syslog by an HTTPS based communication for reporting

Architecture #14818: Generate a certificate for unix agents

Generate a file on root server containing all nodes certificate

Added by Alexis Mousset over 4 years ago. Updated over 4 years ago.

Status:
Released
Priority:
N/A
Category:
System integration
Target version:
Effort required:
Name check:
To do
Fix check:
To do
Regression:

Description

The file containing all certificates is just a concatenation of all PEM node certificates.
It will be located at: /opt/rudder/etc/ssl/allnodescerts.pem

After file is writen, Rudder must ask relayd to reload. For that, it will call a command from configuration file (that can be updated at any time).

The default command is: `/bin/rudder relay reload`.


Related issues 1 (0 open1 closed)

Related to Rudder - Architecture #15238: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/sslReleasedBenoît PECCATTEActions
Actions #1

Updated by François ARMAND over 4 years ago

  • Category changed from Techniques to System integration
  • Parent task changed from #15211 to #14818

We are going to directly generate a file with all certs in path:

/opt/rudder/etc/ssl/allnodescerts.pem

The file will be the concatenation of all know node certificate. For now, it will be generated during policy generation, but there is no need to do so: we will be able to just add node certificate when an inventory is updated, and remove cert when a node is deleted.

Actions #2

Updated by François ARMAND over 4 years ago

  • Status changed from New to In progress
  • Assignee set to François ARMAND
Actions #3

Updated by François ARMAND over 4 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from François ARMAND to Vincent MEMBRÉ
  • Pull Request set to https://github.com/Normation/rudder/pull/2313
Actions #4

Updated by François ARMAND over 4 years ago

  • Related to Architecture #15238: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/ssl added
Actions #5

Updated by Rudder Quality Assistant over 4 years ago

  • Status changed from Pending technical review to Discussion
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
Actions #6

Updated by François ARMAND over 4 years ago

  • Assignee changed from François ARMAND to Vincent MEMBRÉ
Actions #7

Updated by François ARMAND over 4 years ago

  • Status changed from Discussion to Pending technical review
Actions #8

Updated by Rudder Quality Assistant over 4 years ago

  • Status changed from Pending technical review to Discussion
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
Actions #9

Updated by François ARMAND over 4 years ago

  • Description updated (diff)
  • Status changed from Discussion to Pending technical review
  • Assignee changed from François ARMAND to Vincent MEMBRÉ
Actions #10

Updated by Rudder Quality Assistant over 4 years ago

  • Status changed from Pending technical review to Discussion
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
Actions #11

Updated by François ARMAND over 4 years ago

  • Status changed from Discussion to Pending technical review
  • Assignee changed from François ARMAND to Vincent MEMBRÉ
Actions #12

Updated by Rudder Quality Assistant over 4 years ago

  • Status changed from Pending technical review to Discussion
  • Assignee changed from Vincent MEMBRÉ to François ARMAND
Actions #13

Updated by François ARMAND over 4 years ago

  • Status changed from Discussion to Pending release
Actions #14

Updated by Vincent MEMBRÉ over 4 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 6.0.0~beta1 which was released today.

Actions

Also available in: Atom PDF