I believe you only have to restart the puppetmaster if you modified the
private keys used directly by master or the certs or CA used by master.
Modifying client certs should not require restarting the master service.
On Monday, October 18, 2021 at 5:21:38 PM UTC-4 puppet-bsd wrote:
> Following
Following the instruction to create the certificate from scratch and
reissuing one of its agents (specially the smart proxy) it generates
certificate revoke.
In order to remote the revoked certificate, I had to restart the puppet
agent service and to sign it in master. Just to test the agent
If the key and the certificate don't match, you may have to regenerate your
puppetserver's CA and start from scratch essentially. I'm not aware of a
way to fix a mismatch without totally starting over from scratch. If you
want to start from scratch, you usually just delete
Performed the Verify steps. Seems the values are not equal. Is there any
steps in order to make the values equal?
On Friday, October 15, 2021 at 9:34:11 AM UTC-4 treydock wrote:
> My advise might not be the best but it's what worked for me when our
> master CA certificate expired. These are
Hi,
Obviously does it need file backup and the puppetmaster to be restated
after the action. Correct?
On Friday, October 15, 2021 at 9:34:11 AM UTC-4 treydock wrote:
> My advise might not be the best but it's what worked for me when our
> master CA certificate expired. These are my raw notes
My advise might not be the best but it's what worked for me when our master
CA certificate expired. These are my raw notes from when I had to renew
our puppetserver certificate. The original certificate was likely Puppet 4
and expired when running Puppet 6. I googled around and took some
