On 2/1/10 8:10 PM, nicholas wrote:
Trying to manage my certs sanely, upgrading from 0.24.8 -> 0.25.3
I setup one host as the CA and have all my clients point to that.
Then I have several puppetmaster's running on other hosts.
Problem is, puppetmasterd seems to be hardcoded to be a cert authority
Even if I set the 'ca' flag to false.
It keeps trying to create the ca.pem file and use that, even though I
have one and it should use that instead.
Is there a reason that the puppetmasterd has to be a CA?
How can I get puppetmasterd to use the ca.pem file I provide for it?
Are you putting the PEM in the right place? This is what my Puppetmasterd ssl
dir looks like:
-bash-3.2$ find .
.
./certs
./certs/ca.pem
./certs/puppet.domain.com.pem
./crl.pem
./private_keys
./private_keys/puppet.domain.com.pem
./public_keys
./public_keys/puppet.domain.com.pem
./certificate_requests
./private
./ca
./ca/private
./ca/requests
./ca/signed
-scott
--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
