Client Certificate authentication issue and fix(?)

[Gregory Neagle]

If you use Client Certificate authentication with Munki (https://github.com/munki/munki/wiki/Using-Munki-With-SSL-Client-Certificates), please see

https://github.com/munki/munki/issues/1235

and

https://github.com/munki/munki/pull/1236

Since I cannot (easily) personally test any of this, I’m relying on people actually using Client Certificate authentication to test this proposed change and give us feedback.

-Greg

[Gregory Neagle]

I’ve merged this change into the Munki6dev branch. If you use Client Certificate authentication, please test this change.

The easiest way to test might be to just grab a copy of this file https://github.com/munki/munki/blob/Munki6dev/code/client/munkilib/gurl.py and copy it to /usr/local/munki/munkilib/gurl.py on one or more test clients.

You could also build an entire new Munki tools package using `./code/tools/make_munki_mpkg_from_git.sh -b Munki6dev` from a git clone of the Munki repo. This is more complex, and will leave you with either an unsigned install of Munki, or (if you sign it yourself) a version not signed by the MacAdmins Open Source team.

-Greg

[Gregory Neagle]

I’ll make testing even easier: I’ve attached a copy of the updated gurl.py file.