Good news that everything else works. For puppet I have the LB name in the auth.conf file on the relevant allow lines. The cert for puppet have the lb name AND the name of the hosts sitting behind it in a SAN (Server Alternate Name) certificate.
On 11 July 2017 at 12:01, Unix SA <[email protected]> wrote: > Thanks, > > I am having issue with puppet, when i provision client i give puppet CA > and master as CNAME now after succesful provision puppet.conf in client has > cname as CA and server, but when i check capsule it has not generated > certificates using cname and puppet communication fails, am i missing > something ? > > How do generate puppet CA cert as well with CNAME for puppet to work? > > Do you have sequence of steps you followed if you can share please ? > > For testing i have below setup currently > > Satellite master > Haproxy server > UK capsule, (after some testing will add more capsules) > > Thanks, > DJ > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Foreman users" group. > To unsubscribe from this topic, visit https://groups.google.com/d/ > topic/foreman-users/CzORDwoCc8w/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/foreman-users. > For more options, visit https://groups.google.com/d/optout. > -- Thanks, Andrew -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
