Comments (3)
Example when executed on the CA server itself:
curl --tlsv1 \
--cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem \
--cert /etc/puppetlabs/puppet/ssl/certs/puppet.pem \
--key /etc/puppetlabs/puppet/ssl/private_keys/puppet.pem \
-k https://localhost:8140/puppet-ca/v1/certificate_status/client.domain.tld
Internal Server Error: java.io.FileNotFoundException: /etc/puppetlabs/puppetserver/ca/requests/client.domain.tld.pem (No such file or directory)
The system in question has had a certificate previously but no longer does. Neither a certificate or a certificate request file exists for the system on the CA. For other non-existing nodes it correctly returns Resource not found.
if the resource does not exist.
One workaround seems to be having the node connect to the CA and hence generating a new CSR file. However, revoking PUT /puppet-ca/v1/certificate_status/client.domain.tld
and cleaning it DELETE /puppet-ca/v1/certificate_status/client.domain.tld
causes the problem to show itself again. Same thing happens regardless if a certificate or a CSR is going through this process.
As mentioned earlier this only happens sometimes and after it has started to happen it is persistent for that particular subject DN.
The CA is also much slower to process CSRs -> Cert (as also mentioned in linked issue).
from puppetserver.
Thanks for your report. The issue is a simple logic problem that I will resolve shortly.
from puppetserver.
@jonathannewman @justinstoller Hi, when will there be a release which includes this fix? Thanks.
from puppetserver.
Related Issues (18)
- Don't open issue queue on gh if you take em in JIRA HOT 1
- Puppet Server does not update CRLs that are close to expiring
- Update concurrent-ruby to latest HOT 1
- Puppetserver README is out of date
- Puppetserver 8.4.0 No longer compatible with Java 11 HOT 2
- puppetserver 7.x's logged message about hiera() deprecation includes a broken URL HOT 1
- Missing Puppet packages for Debian 12 (Bookworm) HOT 17
- Provide more detail about service state during startup/jruby instance creation HOT 1
- Please make the packaging/build pipelines public and provide reproducible builds HOT 1
- /status/v1/simple timing out regularly
- /status/v1/services only reports running status
- puppetserver gets trapped in exception cycle and uses 100% CPU HOT 3
- Ubuntu 24.04 packages are missing HOT 3
- FIPS 140-3 Support RHEL 9 HOT 1
- puppetserver fails on init with >2TB of total host RAM HOT 2
- Memory Leak when passing ca_file to Net::HTTP in a custom function
- Topscope variable is empty in (sub) modules
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppetserver.