On May 22, 2012, at 2:15 AM, Stuart Sears wrote: > It looks like the preliminary puppet run is receiving a cert and then using > that to connect to the puppet master, which works just fine, but then once > the node has rebooted, a completely new key pair appears to have been > generated on the client system, which no longer matches that on the master.
Seems likely that your host name is changing, thus it is generating a new certificate for the new hostname. I'll bet that if you can make the hostname/domain match between the two boots it will work fine. I have also heard of people using a single common cert for bootstrapping which is pre-signed in advance, and then the host gets their real cert after rebooting. YMMV. -- Jo Rhett Net Consonance : net philanthropy to improve open source and internet projects. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
