On Tue, Sep 14, 2010 at 11:53 AM, M C <[email protected]> wrote:
> Restarting the puppet master with the certdnsname option set did not change
> the certificate in /var/lib/puppet/ssl/certs/admin.baz.bar.com at all.
>
> My understanding from the documentation is that the issue was with ca.pem.
If that's the case, the options I provided wasn't addressing the right
certificate.
Is that not the case? Is there some trick to get puppet to regenerate the
> certs properly? From what I've been able to find, this seems to be at least
> partially related to Bug #4226.
If the problem is related to 4226, you just need to specify ca_name option
when running puppetmaster for the first time. Once the ca.pem file is
created it won't replace it:
puppetmasterd -v --ca_name="Puppet CA puppet.bar.com"
Issuer: CN=Puppet CA puppet.bar.com
...
X509v3 Key Usage:
Certificate Sign, CRL Sign
I would backup the ssl directory first.
Thanks,
Nan
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
