Larry Ludwig wrote:
> On Sep 3, 2009, at 6:46 AM, Štefan Sakalík wrote:
>
>
>> I'm using mongrel and these lines in apache config concern me (from
>> wiki/UsingMongrel):
>> SSLVerifyClient optional
>> RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
>>
>> So apache gives access to everyone. Does the puppetmaster additionally
>> verify client's identity? It's not obvious from the source code.
>>
>
> Hi,
>
> This is so unsigned clients can connect and send their initial info.
> (allowing the puppetmaster to sign them)
>
I see now. I wanted to make sure that client without signed certificate
can't get access to fileserver. So I assume this is the case.
-Stefan
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
