On Sat, Aug 24, 2013 at 5:18 PM, Jakov Sosic <[email protected]> wrote: > Only if you use autosign option. After the certificate is signed, agents > report certname and not hostname.
Well-behaved clients report certname. A malicious client could use one cert, but report a different name. AIUI the puppet master checks the certificate to allow connection, but uses the client-reported name to pick the configuration served. cheers, m -- [email protected] - ask interesting questions - don't get distracted with shiny stuff - working code first ~ http://docs.moodle.org/en/User:Martin_Langhoff -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
