API Endpoints to update client certs not accessible PUT #3208
Labels
Status: Adopted
An issue that is being worked on.
Status: move to jira
Triage: Try Reproducing
Indicates that this issue needs to be reproduced.
Chef Server Version
Stock version of Chef Server Core 14.12.21
Platform Details
Azure Ubuntu Linux 20.04, all patched up
Configuration
[Standalone, New install Ideally include your /etc/opscode/chef-server.rb or otherwise provide details of changes from the default]
Chef-Server.rb is zero bytes
Scenario
A standard user/node pem is being used to authenticate against a chef server
Chef-Client attempting a PUT against the endpoints of either
/clients/CLIENT
- gets a response on the client of 400 and a message of -msg=key_management_not_supported
on the server/client/CLIENT/keys/KEY
- gets a response of 403 on the client and a message -msg={update,forbidden}
on the serverSteps to Reproduce
Expected Result
Issuing a PUT to the /Clients endpoint should probably fail, per a conversation with @marcparadise. However, the PUT to the actual key endpoint should be working. The client team is moving certs off disk and needs access to that end point so that given clients can update themselves periodically.
Actual Result
Failure and despair! See above.
The text was updated successfully, but these errors were encountered: