I'm using mongrel and these lines in apache config concern me (from
wiki/UsingMongrel):
SSLVerifyClient optional
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
So apache gives access to everyone. Does the puppetmaster additionally
verify client's identity? It's not obvious from the source code.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
