If it helps I did a bit of a Gist walkthrough of the full cert recreation etc. using puppet cert generate here: https://gist.github.com/kbarber/5934100 ...
On Fri, Jul 5, 2013 at 1:00 PM, Ken Barber <[email protected]> wrote: >> I have a standard Puppet 2.7 configuration installed from Gem on Ubuntu >> 12.04, running behind Apache. >> >> I'm testing the reprovisioning of the puppet master from scratch in Vagrant >> and ran into a little snug - apache configuration points to a puppet >> ca_crl.pem file which doesn't exist, so apache refuses to start. > > Have you tried just using 'puppet cert generate <mymaster_name>' to > populate the initial certificates? I don't have a 2.7.x around, but > for 3.x it repopulates all the missing certificates it seems including > ca_crl.pem. > >> The puppet master documentation says that it'll automatically generate this >> file if it isn't present, but I need a way to get it generated automatically >> before apache tries to start. > > Yes, and it does - when you start it standalone using webrick (ie. > puppet master --no-daemonize --debug --log console ... or something > will probably do the trick). But the SSL offloading to Apache kind of > breaks this as you've mentioned. > > ken. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
