One more problem, since puppet certificate --ca-location remote destroy does nothing, what is the whole point of puppet certificate ? A puppet generate for the same host fails because it already exist, So I can't use it to remotely manage the puppet's PKI. It undermine the whole point of the command.
> Le 5 avr. 2017 à 15:58, Fabrice Bacchella <[email protected]> a > écrit : > > I'm playing with the "puppet certificate" command. > > But when I run "puppet certificate --ca-location remote list" > > I see in the log: > > 10.83.16.17 - - [05/Apr/2017:15:52:46 +0200] "GET > /puppet-ca/v1/certificate_statuss/*?environment=production&for=certificate_request > HTTP/1.1" 404 9 "-" "Puppet/4.9.4 Ruby/2.1.9-p490 (x86_64-linux)" 38 > > certificate_statuss ? Really ? > > Because meanwhile, "puppet certificate --ca-location remote sign webtester" > generated: > 10.83.16.17 - - [05/Apr/2017:15:51:47 +0200] "PUT > /puppet-ca/v1/certificate_status/webtester?environment=production& HTTP/1.1" > 204 0 "-" "Puppet/4.9.4 Ruby/2.1.9-p490 (x86_64-linux)" 467 > > That's better I think. > > And "puppet certificate --ca-location remote destroy webtester" > > generated > 10.83.16.17 - - [05/Apr/2017:15:56:32 +0200] "DELETE > /puppet-ca/v1/certificate/webtester?environment=production& HTTP/1.1" 403 112 > "-" "Puppet/4.9.4 Ruby/2.1.9-p490 (x86_64-linux)" 15 > > I'm surprise similar command talks to different URL. It's not easy to track > them in auth.conf. > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/1B695C3B-2DE2-464B-A344-A069065D212E%40orange.fr. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/1C3F185C-1387-4C98-B4F2-6157B73E244B%40orange.fr. For more options, visit https://groups.google.com/d/optout.
