2014-08-05 23:23 GMT+02:00 Gabriel Filion <[email protected]>: > On 05/08/14 01:28 PM, Nan Liu wrote: >> Please don't resign all client certificates. All you need to do is >> recreate a puppet master certificate with dns alt name accepting both >> the old and new puppet master hostname. Because passenger and other >> configuration may already refer to the existing pem file name, it's >> easier to just add the new hostname to the dns_alt_names accept list > > ah, thanks a lot for this. I was sure there was a more clever way to do > this :) > > -- > Gabriel Filion >
Hi, I didn't know it either. :) This drive me to ask a related question: Can the same approach be used when the certificate expires? I suppose the answer is yes but I haven't got the opportunity to try it Thank you Best regards -------------------------------------------------------------------------------------- Juan Sierra Pons [email protected] Linux User Registered: #257202 Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo GPG key = 0xA110F4FE Key Fingerprint = DF53 7415 0936 244E 9B00 6E66 E934 3406 A110 F4FE -------------------------------------------------------------------------------------- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9uY4Dwb7Fo7oZnkuVj1o_0R1XJWZ-pLcK%3DJV8bi_G6FTQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
