I would love to see an answer to this as well. I have basically ended up just adding an entry to /etc/hosts to make it possible to connect to the secondary interface.
-- cwebber On Nov 13, 2009, at 6:40 AM, Hubert Krause wrote: > > Hello List, > > I have a problem with the CA on my Puppetmaster. This Puppetmaster is > connected to different Networks with different sub domainnames. The > Puppet > clients connecting via different Interfaces. There is no routing > between > subnets. Only one subnet can connect successfully. This is because the > subject in the Certificate is the name of this subnet. All other > clients get: > > Could not retrieve catalog: Certificates were not trusted: hostname > not match > with the server certificate > > If I use just the hostname, no client can connect successfully. It > seems to > be, that there is allways the need for a single fqdn. > > The puttemaster is served via Passenger and Apache2. > > Is there a way to use the nice to use puppetca tool in this szenario > or do I > have to provide as much CAs as I have subnets and do cert signing by > hand? Or > is there another solution? > > Any hints will be very welcome. > > Cheers, > > Hubert > -- > Hubert Krause > Risk & Fraud Division > INFORM GmbH, Pascalstraße 23, 52076 Aachen, Germany > Phone: +49 24 08 - 94 56 188 > E-Mail: [email protected], Web: http://www.inform-ac.com > INFORM Institut fuer Operations Research und Management GmbH > Registered AmtsG Aachen HRB1144 Gfhr. Adrian Weiler > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
