On Fri, Apr 22, 2011 at 6:21 AM, Luke Kanies <[email protected]> wrote: > You can pretty easily do a curl or equivalent to see if the signed cert is > there. > > The URL will be something like > http://$server/production/certificate/$hostname, but you'll probably need to > do some SSL shenanigans. > > Quite a few others are actually doing this kind of query, so someone can > probably pop in with details of it.
That's actually all you need. If you have the default authentication (auth.conf) setup, these requests don't need to use a signed certificate either, so curl -k works well here. If you still want to validate the authenticity of the CA SSL port, you can use the --cacert option and point it at $ssldir/ca.pem curl -k https://puppet.example.com/production/certificate/myhost.example.com Hope this helps, -- Jeff McCune Professional Services, Puppet Labs @0xEFF -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
