Jira (PDB-5062) Remove password entry from database.ini when using certificate authentication

5 views
Skip to first unread message

Austin Blatt (Jira)

unread,
Mar 12, 2021, 3:29:03 PM3/12/21
to puppe...@googlegroups.com
Austin Blatt created an issue
 
PuppetDB / Improvement PDB-5062
Remove password entry from database.ini when using certificate authentication
Issue Type: Improvement Improvement
Assignee: Unassigned
Created: 2021/03/12 12:28 PM
Priority: Normal Normal
Reporter: Austin Blatt

PDB-5061 will limit our options with this ticket as just removing the password entry in database.ini will cause issues on current versions of PuppetDB.

We want to ensure users remove the password from their config files for a number of reasons. Primarily, it is more secure to not have that password. But additionally, the ordering of auth rules in pg_hba.conf determines whether or not we use password or certificate authentication with the database so removing the password entry gives us greater certainty that we are actually using certificate authentication and not still relying on password authentication.
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935)
Atlassian logo

David McTavish (Jira)

unread,
Feb 9, 2022, 2:53:02 PM2/9/22
to puppe...@googlegroups.com
David McTavish updated an issue
Change By: David McTavish
Sprint: HAHA/Grooming
This message was sent by Atlassian Jira (v8.20.2#820002-sha1:829506d)
Atlassian logo

David McTavish (Jira)

unread,
Feb 10, 2022, 9:21:01 AM2/10/22
to puppe...@googlegroups.com
David McTavish updated an issue
Change By: David McTavish
Priority: Normal Low
Reply all
Reply to author
Forward
0 new messages