Fix #4226 - Prepend 'Puppet CA: ' to fqdn for default root ca_name

Having a root ca_name that matches the fqdn of the puppet master would
cause certificate lookup problems on some clients, resulting in failed SSL
negotiation.

Signed-off-by: Jacob Helwig <jacob@puppetlabs.com>

1 files changed, 1 insertions, 1 deletions

diff --git a/lib/puppet/ssl/certificate_request.rb b/lib/puppet/ssl/certificate_request.rb
index e4d06a039..2f6cae3f5 100644
--- a/lib/puppet/ssl/certificate_request.rb
+++ b/lib/puppet/ssl/certificate_request.rb
@@ -29,7 +29,7 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base
     # Support either an actual SSL key, or a Puppet key.
     key = key.content if key.is_a?(Puppet::SSL::Key)
 
-    # If we're a CSR for the CA, then use the real certname, rather than the
+    # If we're a CSR for the CA, then use the real ca_name, rather than the
     # fake 'ca' name.  This is mostly for backward compatibility with 0.24.x,
     # but it's also just a good idea.
     common_name = name == Puppet::SSL::CA_NAME ? Puppet.settings[:ca_name] : name