On Sat, Aug 20, 2011 at 12:18 PM, Brian Troutwine <[email protected]>wrote:
> On Sat, Aug 20, 2011 at 10:04 AM, Laurence Southon < > [email protected]> wrote: > >> On 20/08/11 01:13, Brian Troutwine wrote: >> > How do I actually revoke a faulty certificate? >> >> You can remove the client certificate entirely with: >> >> puppetca --clean apt.example.com > > > I overlooked that entirely. Thank you. > This does look like the flag I was looking for, however: # puppet cert --clean apt.example.com notice: Revoked certificate with serial # Inventory of signed certificates # SERIAL NOT_BEFORE NOT_AFTER SUBJECT 0x0001 2011-08-19T18:20:48GMT 2016-08-17T18:20:48GMT /CN=Puppet CA: puppet.example.com 0x0002 2011-08-19T18:20:48GMT 2016-08-17T18:20:48GMT /CN=puppet.example.com 0x0003 2011-08-19T18:21:46GMT 2016-08-17T18:21:46GMT /CN=gateway.example.com err: Could not call revoke: Cannot convert into OpenSSL::BN and on apt.example.com: # puppet agent --test --noop info: Creating a new SSL key for apt.example.com warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for apt.example.com info: Certificate Request fingerprint (md5): FB:05:0D:41:C8:46:3C:44:EE:AC:9D:48:4E:4A:CC:FB warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Caching certificate for apt.example.com err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run A new one will then be generated next time you connect. >> >> LS >> -- >> Laurence Southon >> Tiger Computing, Bexley >> www.tiger-computing.co.uk >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> >> > > > -- > Brian L. Troutwine > > -- Brian L. Troutwine -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
