Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Kenn Hussey updated an issue Puppet / PUP-2248 Provide a better way to connect and retrieve certificate without doing a client run. Change By: Kenn Hussey Release Notes: Not Needed Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Maggie Dreyer updated an issue Puppet / PUP-2248 Provide a better way to connect and retrieve certificate without doing a client run. Change By: Maggie Dreyer Fix Version/s: PUP 6.0.0 Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Josh Cooper updated an issue Puppet / PUP-2248 Provide a better way to connect and retrieve certificate without doing a client run. Change By: Josh Cooper Sub-team: Coremunity Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Josh Cooper updated an issue Puppet / PUP-2248 Provide a better way to connect and retrieve certificate without doing a client run. Change By: Josh Cooper Team: Platform Core Add Comment This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Moses Mendoza updated an issue Puppet / PUP-2248 Provide a better way to connect and retrieve certificate without doing a client run. Change By: Moses Mendoza Labels: triaged Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Maggie Dreyer updated an issue Puppet / PUP-2248 Provide a better way to connect and retrieve certificate without doing a client run. Change By: Maggie Dreyer Labels: triaged Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Jo Rhett commented on PUP-2248 Re: Provide a better way to connect and retrieve certificate without doing a client run. I'll check it out. I didn't manage to come up with those commands from the existing documentation, my bad. Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title R.I.Pienaar commented on PUP-2248 Re: Provide a better way to connect and retrieve certificate without doing a client run. $ puppet certificate generate some.cert --ssldir /tmp/whatever --ca-location remote --ca_serve ca.example.net # someone signs it $ puppet certificate find some.cert --ssldir /tmp/whatever --ca-location remote --ca_server ca.example.net # get the ca too $ puppet certificate find ca --ssldir /tmp/whatever --ca-location remote --ca_server ca.example.net not sure this is 'better', but it worked last time I checked. Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe)
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Kurt Wall assigned an issue to Eric Sorenson Puppet / PUP-2248 Provide a better way to connect and retrieve certificate without doing a client run. Change By: Kurt Wall Assignee: Jo Rhett Eric Sorenson Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Jo Rhett commented on PUP-2248 Re: Provide a better way to connect and retrieve certificate without doing a client run. puppet cert has existed for many years, but it must be run from a machine which has direct file access to the certificate authority's keys. Furthermore, the signer then has access to the secret key. Yes it is possible to copy the public key and CRS file around to get it signed, however Puppet already provides a convenient request and delivery mechanism for creation of certificates. The command documented above provided a way for a user to request a key from their own machine, without ever sharing the secret key with the person who approves the request. This is required for PCI and other environments where identity must be provable. Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Kurt Wall commented on PUP-2248 Re: Provide a better way to connect and retrieve certificate without doing a client run. Hi Jo Rhett. We now have the puppet cert subcommand. Does that address your needs in this request? I’ve put this ticket’s status into “Needs Information” and assigned it to you. Please either (a) update it with the information I’ve requested and re-assign it to me if you need more help, or (b) change the status to “Closed” if you were able to resolve the issue on your own. Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Kurt Wall assigned an issue to Jo Rhett Puppet / PUP-2248 Provide a better way to connect and retrieve certificate without doing a client run. Change By: Kurt Wall Assignee: Jo Rhett Add Comment This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Jo Rhett created an issue Puppet / PUP-2248 Provide a better way to connect and retrieve certificate without doing a client run. Issue Type: Improvement Affects Versions: 3.5.1 RC Assignee: Unassigned Created: 15/Apr/14 1:31 AM Priority: Normal Reporter: Jo Rhett At times a person wants to generate and get a signed certificate without actually using the certificate. This is often used when pre-creating puppet hosts, and is also used when creating client certificates for mcollective. At this time the following is the only method I can determine to do this. It would be nice to have an option to not run which doesn't produce an error each time. $ puppet agent --certname jorhett --server puppet.example.net --no-daemonize --no-client --verbose Info: Caching certificate for jorhett Info: Caching certificate for jorhett Notice: Starting Puppet client version 3.5.1-rc1 Error: Could not run: Daemons must have an agent, server, or both Yes, this request is mostly cosmetic but could be considered an option request.
Jira (PUP-2248) Provide a better way to connect and retrieve certificate without doing a client run.
Title: Message Title Jo Rhett updated an issue Puppet / PUP-2248 Provide a better way to connect and retrieve certificate without doing a client run. Change By: Jo Rhett Attimesapersonwantstogenerateand get retrieve asignedcertificatewithoutactually usingthecertificate executingapuppetrun .Thisisoftenusedwhenpre-creatingpuppethosts, andisalsoused or whencreatingclientcertificatesformcollective.AtthistimethefollowingistheonlymethodIcandeterminetodothis.Itwouldbenicetohaveanoptiontonotrunwhichdoesn'tproduceanerroreachtime.{code}$puppetagent--certnamejorhett--serverpuppet.example.net--no-daemonize--no-client--verboseInfo:CachingcertificateforjorhettInfo:CachingcertificateforjorhettNotice:StartingPuppetclientversion3.5.1-rc1Error:Couldnotrun:Daemonsmusthaveanagent,server,orboth{code}Yes,thisrequestismostlycosmeticbutcouldbeconsideredanoptionrequest. Add Comment This message was sent by Atlassian JIRA (v6.1.4#6159-sha1:44eaede) -- You received this message because you are subscribed to the Google Groups Puppet Bugs group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.