From 66cf3a925b4b6d9b40cbdf95f2be6575bb05a881 Mon Sep 17 00:00:00 2001 From: Jacob Helwig Date: Tue, 21 Sep 2010 14:01:15 -0700 Subject: Fix #4226 - Prepend 'Puppet CA: ' to fqdn for default root ca_name Having a root ca_name that matches the fqdn of the puppet master would cause certificate lookup problems on some clients, resulting in failed SSL negotiation. Signed-off-by: Jacob Helwig --- lib/puppet/ssl/certificate_request.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/puppet/ssl/certificate_request.rb') diff --git a/lib/puppet/ssl/certificate_request.rb b/lib/puppet/ssl/certificate_request.rb index e4d06a039..2f6cae3f5 100644 --- a/lib/puppet/ssl/certificate_request.rb +++ b/lib/puppet/ssl/certificate_request.rb @@ -29,7 +29,7 @@ class Puppet::SSL::CertificateRequest < Puppet::SSL::Base # Support either an actual SSL key, or a Puppet key. key = key.content if key.is_a?(Puppet::SSL::Key) - # If we're a CSR for the CA, then use the real certname, rather than the + # If we're a CSR for the CA, then use the real ca_name, rather than the # fake 'ca' name. This is mostly for backward compatibility with 0.24.x, # but it's also just a good idea. common_name = name == Puppet::SSL::CA_NAME ? Puppet.settings[:ca_name] : name -- cgit