subject:"\[Puppet Users\] Puppet Open Source with own Certificates"

Re: [Puppet Users] Puppet Open Source with own Certificates

2015-03-18 Thread hoize

Hi!

After a few hours of trial and error my problem is solved.
Here is the Solution:

/etc/apache2/sites-enabled/02-foreman.conf:

SSLEngine on
SSLCertificateFile   #Here you have to use 
SSLCertificateKeyFile #your own signed certificate + key


/etc/puppet/foreman.yaml:
...
:ssl_ca: # Here you have to use the cert of your CA (which created your 
Certificate for your Webserver)
...

The other certificates are self-signed certs from puppet. 
So my Browser-SSL-Failure is fixed and the nodes (puppet agents) get the 
certs signed from puppetmaster.

Thank You!
Hoize


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/e7b84bf1-b5ba-4b70-a071-a030e054d933%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet Open Source with own Certificates

2015-03-16 Thread Rilindo Foster

Hi Hoize,

To clarify, did you put Foreman on top of your existing Puppet
infrastructure or did you use the Puppet Master that Foreman installed?
It would make sense if it were the latter, because Foreman re-uses
Puppet's certificates for its own SSL setup. That, in turn, would
explain why the nodes stopped communicating with the master as it looks
like you may have overwrote Puppet's certificates with your own.

- Rilindo

On 03/05/2015 01:33 AM, hoize wrote:

Hello!

Because I can't find anything with google search to my problem with
Puppet Open Source, I hope someone of you can help me.

On my masterserver there I have installed Foreman running on Apache
and Puppet Master.

I wanted to replace the certificates of Apache with own certificates
to eradicate problems with the Browser (Certificate Trust).
But then I got another problem: The nodes could not communicate with
the Master.

So I decided to replace all certs with own certs, on the nodes and on
the master.

But how could I do this?

I hope you can help me. At PuppetLabs-Docs I only found the
configuration for Puppet Enterprise for my issue.

Thank You!

Greets Manuel Holzner

--
You received this message because you are subscribed to the Google
Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to puppet-users+unsubscr...@googlegroups.com
.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/0f8d8e8d-6d72-4065-9325-8d9630a472af%40googlegroups.com
.

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/55071A97.3070006%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet Open Source with own Certificates

2015-03-16 Thread hoize

Hi!

I took the foreman-installer, which installed PuppetMaster, Apache2, 
MySQL,... 
Yes, the certificates are used by puppet and by foreman.. 

But even if I only change the paths of the SSL-Engine in the Apache2 
sites-config to my own certificates, the web-browser works fine, butt 
puppet can't communicate with the nodes..

Thank You!
Hoize

Am Montag, 16. März 2015 15:15:28 UTC+1 schrieb RIlindo Foster:
>
>  Hi Hoize,
>
> To clarify, did you put Foreman on top of your existing Puppet 
> infrastructure or did you use the Puppet Master that Foreman installed? It 
> would make sense if it were the latter, because Foreman re-uses Puppet's 
> certificates for its own SSL setup. That, in turn, would explain why the 
> nodes stopped communicating with the master as it looks like you may have 
> overwrote Puppet's certificates with your own.
>
> - Rilindo
>
> On 03/05/2015 01:33 AM, hoize wrote:
>  
> Hello!
>
> Because I can't find anything with google search to my problem with Puppet 
> Open Source, I hope someone of you can help me.
>
> On my masterserver there I have installed Foreman running on Apache and 
> Puppet Master.
>
> I wanted to replace the certificates of Apache with own certificates to 
> eradicate problems with the Browser (Certificate Trust).
> But then I got another problem: The nodes could not communicate with the 
> Master.
>
> So I decided to replace all certs with own certs, on the nodes and on the 
> master.
> But how could I do this?
>
> I hope you can help me. At PuppetLabs-Docs I only found the configuration 
> for Puppet Enterprise for my issue.
>
> Thank You!
>
> Greets Manuel Holzner
>
>
>  -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users...@googlegroups.com .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/0f8d8e8d-6d72-4065-9325-8d9630a472af%40googlegroups.com
>  
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>
>
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/950287ba-397a-48b1-a707-ca3e2cf83bc0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet Open Source with own Certificates

2015-03-16 Thread Rilindo Foster

Hi Hoize,

- Rilindo

On 03/05/2015 01:33 AM, hoize wrote:

Hello!

Because I can't find anything with google search to my problem with
Puppet Open Source, I hope someone of you can help me.

On my masterserver there I have installed Foreman running on Apache
and Puppet Master.

So I decided to replace all certs with own certs, on the nodes and on
the master.

But how could I do this?

I hope you can help me. At PuppetLabs-Docs I only found the
configuration for Puppet Enterprise for my issue.

Thank You!

Greets Manuel Holzner

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/5506E576.606%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet Open Source with own Certificates

2015-03-16 Thread Rilindo Foster

Hi Hoize,

- Rilindo

On 03/05/2015 01:33 AM, hoize wrote:

Hello!

Because I can't find anything with google search to my problem with
Puppet Open Source, I hope someone of you can help me.

On my masterserver there I have installed Foreman running on Apache
and Puppet Master.

So I decided to replace all certs with own certs, on the nodes and on
the master.

But how could I do this?

I hope you can help me. At PuppetLabs-Docs I only found the
configuration for Puppet Enterprise for my issue.

Thank You!

Greets Manuel Holzner

For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Puppet
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/puppet-users/5506E57E.2040301%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet Open Source with own Certificates

2015-03-16 Thread hoize

Hi,

Sorry I havn't been at work the last week. 
Thank you very much for your answer.

At the moment I have installed the puppet own certs on my master.
Did you replace the certs? If yes, could you give me a short introduction, 
please? 

Thank You!
Hoize

Am Freitag, 6. März 2015 15:16:30 UTC+1 schrieb Felix.Frank:
>
> On 03/05/2015 08:33 AM, hoize wrote: 
> > 
> > I hope you can help me. At PuppetLabs-Docs I only found the 
> > configuration for Puppet Enterprise for my issue. 
>
> Hi, 
>
> apart from some path names, it should be applicable to open source puppet. 
>
> Can you link the specific howto you are following, and indicate where 
> you stumbled? 
>
> Thanks, 
> Felix 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/70074a27-54c7-4a7b-903f-b9cc9e6efe24%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet Open Source with own Certificates

2015-03-06 Thread Felix Frank

On 03/05/2015 08:33 AM, hoize wrote:
> 
> I hope you can help me. At PuppetLabs-Docs I only found the
> configuration for Puppet Enterprise for my issue.

Hi,

apart from some path names, it should be applicable to open source puppet.

Can you link the specific howto you are following, and indicate where
you stumbled?

Thanks,
Felix

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/54F9B6A7.5090700%40alumni.tu-berlin.de.
For more options, visit https://groups.google.com/d/optout.

[Puppet Users] Puppet Open Source with own Certificates

2015-03-05 Thread hoize

Hello!

Because I can't find anything with google search to my problem with Puppet 
Open Source, I hope someone of you can help me.

On my masterserver there I have installed Foreman running on Apache and 
Puppet Master.

I wanted to replace the certificates of Apache with own certificates to 
eradicate problems with the Browser (Certificate Trust).
But then I got another problem: The nodes could not communicate with the 
Master.

So I decided to replace all certs with own certs, on the nodes and on the 
master.
But how could I do this?

I hope you can help me. At PuppetLabs-Docs I only found the configuration 
for Puppet Enterprise for my issue.

Thank You!

Greets Manuel Holzner


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/0f8d8e8d-6d72-4065-9325-8d9630a472af%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet Open Source with own Certificates

Re: [Puppet Users] Puppet Open Source with own Certificates

Re: [Puppet Users] Puppet Open Source with own Certificates

Re: [Puppet Users] Puppet Open Source with own Certificates

Re: [Puppet Users] Puppet Open Source with own Certificates

Re: [Puppet Users] Puppet Open Source with own Certificates

Re: [Puppet Users] Puppet Open Source with own Certificates

[Puppet Users] Puppet Open Source with own Certificates

8 matches

Site Navigation

Mail list logo

Footer information