Jira (PUP-11602) Change default crl_refresh_interval to 1 day in puppet 8

[Josh Cooper (Jira)]

Josh Cooper created an issue

Puppet / PUP-11602 Change default crl_refresh_interval to 1 day in puppet 8 Issue Type: Improvement Assignee: Unassigned Created: 2022/07/29 8:41 AM Fix Versions: PUP 8.0.0 Priority: Normal Reporter: Josh Cooper The crl_refresh_interval setting was added in Puppet 6.5 (PUP-2310) and defaults to never, so it's behind a feature flag. Now that it's been in use for awhile and is generally a good thing security-wise, this ticket is to change the default value to 1 day. This is a simple change to lib/puppet/defaults.rb and should be done for the 8.0 release. See https://puppetcommunity.slack.com/archives/C0W1X7ZAL/p1659103057731379 Add Comment

This message was sent by Atlassian Jira (v8.20.11#820011-sha1:0629dd8)

[Josh Cooper (Jira)]

Josh Cooper updated an issue

Puppet / PUP-11602 Change default crl_refresh_interval to 1 day in puppet 8

Change By: Josh Cooper Epic Link: PA-4664

Add Comment

[Josh Cooper (Jira)]

Josh Cooper updated an issue

Puppet / PUP-11602 Change default crl_refresh_interval to 1 day in puppet 8

Change By: Josh Cooper Team: Phoenix

Add Comment

[Morgan Rhodes (Jira)]

Morgan Rhodes updated an issue

Puppet / PUP-11602 Change default crl_refresh_interval to 1 day in puppet 8

Change By: Morgan Rhodes Story Points: 2

Add Comment

[Morgan Rhodes (Jira)]

Morgan Rhodes updated an issue

Puppet / PUP-11602 Change default crl_refresh_interval to 1 day in puppet 8

Change By: Morgan Rhodes Sprint: Phoenix 2023-01-18

Add Comment

[Morgan Rhodes (Jira)]

Morgan Rhodes updated an issue

Puppet / PUP-11602 Change default crl_refresh_interval to 1 day in puppet 8 Change By: Morgan Rhodes

The crl_refresh_interval setting was added in Puppet 6.5 (PUP-2310) and defaults to never, so it's behind a feature flag. Now that it's been in use for awhile and is generally a good thing security-wise, this ticket is to change the default value to 1 day. This is a simple change to lib/puppet/defaults.rb and should be done for the 8.0 release. See https://puppetcommunity.slack.com/archives/C0W1X7ZAL/p1659103057731379

May also include some test changes.

Add Comment

[Michael Hashizume (Jira)]

Michael Hashizume assigned an issue to Michael Hashizume

Puppet / PUP-11602 Change default crl_refresh_interval to 1 day in puppet 8

Change By: Michael Hashizume Assignee: Michael Hashizume

Add Comment

[Michael Hashizume (Jira)]

Michael Hashizume updated an issue

Puppet / PUP-11602 Change default crl_refresh_interval to 1 day in puppet 8

Change By: Michael Hashizume Release Notes: Enhancement Release Notes Summary: puppet-agent now defaults to refreshing its certificate revocation list (CRL) once every 24 hours.

Add Comment

[Parker Leach (Jira)]

Parker Leach updated an issue

Puppet / PUP-11602 Change default crl_refresh_interval to 1 day in puppet 8

Change By: Parker Leach Labels: docs_reviewed

Add Comment