Architecture #15212
closed
Architecture #14008: Replace syslog by an HTTPS based communication for reporting
Architecture #14818: Generate a certificate for unix agents
Generate a file on root server containing all nodes certificate
Added by Alexis Mousset over 5 years ago.
Updated about 5 years ago.
Category:
System integration
Description
The file containing all certificates is just a concatenation of all PEM node certificates.
It will be located at: /opt/rudder/etc/ssl/allnodescerts.pem
After file is writen, Rudder must ask relayd to reload. For that, it will call a command from configuration file (that can be updated at any time).
The default command is: `/bin/rudder relay reload`.
- Category changed from Techniques to System integration
- Parent task changed from #15211 to #14818
We are going to directly generate a file with all certs in path:
/opt/rudder/etc/ssl/allnodescerts.pem
The file will be the concatenation of all know node certificate. For now, it will be generated during policy generation, but there is no need to do so: we will be able to just add node certificate when an inventory is updated, and remove cert when a node is deleted.
- Status changed from New to In progress
- Assignee set to François ARMAND
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Vincent MEMBRÉ
- Pull Request set to https://github.com/Normation/rudder/pull/2313
- Related to Architecture #15238: Move /opt/rudder/etc/ssl/nodeslist.cert to /var/rudder/lib/ssl added
- Status changed from Pending technical review to Discussion
- Assignee changed from Vincent MEMBRÉ to François ARMAND
- Assignee changed from François ARMAND to Vincent MEMBRÉ
- Status changed from Discussion to Pending technical review
- Status changed from Pending technical review to Discussion
- Assignee changed from Vincent MEMBRÉ to François ARMAND
- Description updated (diff)
- Status changed from Discussion to Pending technical review
- Assignee changed from François ARMAND to Vincent MEMBRÉ
- Status changed from Pending technical review to Discussion
- Assignee changed from Vincent MEMBRÉ to François ARMAND
- Status changed from Discussion to Pending technical review
- Assignee changed from François ARMAND to Vincent MEMBRÉ
- Status changed from Pending technical review to Discussion
- Assignee changed from Vincent MEMBRÉ to François ARMAND
- Status changed from Discussion to Pending release
- Status changed from Pending release to Released
This bug has been fixed in Rudder 6.0.0~beta1 which was released today.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by