Created
August 28, 2012 09:56
-
-
Save zipkid/3496753 to your computer and use it in GitHub Desktop.
presign puppet cert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. Generate a pre-signed certificate for client1.example.com with the following command: | |
| puppet cert --generate client1.example.com | |
| Puppet will now generate and sign a client certificate in the name of client1. example.com. | |
| 2. Transfer the three required files; the private key, the client certificate, and the CA certificate, to the new client. These are found in the following locations: | |
| /etc/puppet/ssl/private_keys/client1.example.com.pem | |
| /etc/puppet/ssl/certs/client1.example.com.pem | |
| /etc/puppet/ssl/certs/ca.pem | |
| Transfer these to the corresponding directories on the client, and it will then be authenticated without the certificate request step. Note that the location of Puppet's SSL certs varies according to the ssldir setting in puppet.conf. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment