-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
(PUP-11896) Send auto-renew extension in CSR #9076
(PUP-11896) Send auto-renew extension in CSR #9076
Conversation
This commit adds an auto-renew extension to the CSR when it is generated if the agent supports auto-renewal of certificates. Agents that either do not have the hostcert_renewal_interval setting or have it set to 0 do not support auto-renewal.
57a5c91
to
ae2cf20
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
Any idea why we jumped from ...1.3.1
to ...1.3.13
? And whether adding ...1.3.2
is possibly squatting on an existing, but undocumented OID?
I'm not too sure...lemme ask Charlie about it just in case! Edit: He also doesn't really know why there's a jump between them and He did mention that |
This commit adds an auto-renew attribute to the CSR when it is generated if the agent supports auto-renewal of certificates. Agents that either do not have the hostcert_renewal_interval setting or have it set to 0 do not support auto-renewal. Originally, this was added as an auto-renew extension to the CSR (see puppetlabs#9076). However, in its default (FOSS) configuration, puppetserver rejects extensions so the auto-renew will be implemented as an attribute instead.
This commit adds an auto-renew attribute to the CSR when it is generated if the agent supports auto-renewal of certificates. Agents that either do not have the hostcert_renewal_interval setting or have it set to 0 do not support auto-renewal. Originally, this was added as an auto-renew extension to the CSR (see puppetlabs#9076). However, in its default (FOSS) configuration, puppetserver rejects extensions so the auto-renew will be implemented as an attribute instead.
This commit adds an auto-renew attribute to the CSR when it is generated if the agent supports auto-renewal of certificates. Agents that either do not have the hostcert_renewal_interval setting or have it set to 0 do not support auto-renewal. Originally, this was added as an auto-renew extension to the CSR (see puppetlabs#9076). However, in its default (FOSS) configuration, puppetserver rejects extensions so the auto-renew will be implemented as an attribute instead.
This commit adds an auto-renew attribute to the CSR when it is generated if the agent supports auto-renewal of certificates. Agents that either do not have the hostcert_renewal_interval setting or have it set to 0 do not support auto-renewal. Originally, this was added as an auto-renew extension to the CSR (see puppetlabs#9076). However, in its default (FOSS) configuration, puppetserver rejects extensions so the auto-renew will be implemented as an attribute instead.
This commit adds an auto-renew attribute to the CSR when it is generated if the agent supports auto-renewal of certificates. Agents that either do not have the hostcert_renewal_interval setting or have it set to 0 do not support auto-renewal. Originally, this was added as an auto-renew extension to the CSR (see puppetlabs#9076). However, in its default (FOSS) configuration, puppetserver rejects extensions so the auto-renew will be implemented as an attribute instead.
This commit adds an auto-renew attribute to the CSR when it is generated if the agent supports auto-renewal of certificates. Agents that either do not have the hostcert_renewal_interval setting or have it set to 0 do not support auto-renewal. Originally, this was added as an auto-renew extension to the CSR (see puppetlabs#9076). However, in its default (FOSS) configuration, puppetserver rejects extensions so the auto-renew will be implemented as an attribute instead.
This commit adds an auto-renew attribute to the CSR when it is generated if the agent supports auto-renewal of certificates. Agents that either do not have the hostcert_renewal_interval setting or have it set to 0 do not support auto-renewal. Originally, this was added as an auto-renew extension to the CSR (see puppetlabs#9076). However, in its default (FOSS) configuration, puppetserver rejects extensions so the auto-renew will be implemented as an attribute instead.
This commit adds an auto-renew extension to the CSR when it is generated if the agent supports auto-renewal of certificates. Agents that either do not have the
hostcert_renewal_interval
setting or have it set to 0 do not support auto-renewal.