Hi, Thanks for the reply Felix!
I am on 3.3.2! once i remove the cert with puppet agent clean! I dont see its certificate in the puppet cert list -all However, agent can still run the catalog! this is what worries me!! -Kaustubh On Friday, December 6, 2013 5:48:01 AM UTC-5, Felix.Frank wrote: > > Hi, > > removing the cert data is one thing, but to make sure the old certficate > cannot be used again, it must be effectively revoked. > > The (current) documentation states that puppet cert clean does in fact > revoke the certificate, so you should not be seeing this issue. > > Which version of puppet is this? > > Regards, > Felix > > On 12/04/2013 07:50 PM, kaustubh chaudhari wrote: > > Ok, > > > > I understood my doubts partially! > > > > When we uninstall puppet agent from windows box, it will not delete the > > APP Data folder for puppet which contains the certificates, to generate > > new certificate request you need to uninstall puppet agent and delete > > this directory. > > > > Further, i understood that puppetdb will deactivate the nodes but it > > will not delete/purge it, to purge we need set |"||node-purge-ttl||"| in > > the puppetdb config. > > > > What i was not able to understand is if i have removed the agent > > certificates from the puppet master "puppet cert clean wintest" why the > > request is getting accepted by master? > > > > Can someone please help me to understand this! > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4be5241e-a852-4b81-b024-4d474c4fb0e9%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
