None of the certs are expired, I just checked.
Hopefully we will have puppet4 puppetservers in a few weeks and all this will
be behind me.
On Fri, Feb 19, 2016 at 07:26:06PM -0500, warron.french wrote:
>HI Christopher, is either certain invalid/expired? I don't know the
>typical certif
HI Christopher, is either certain invalid/expired? I don't know the
typical certificate lifespan.
On Feb 19, 2016 3:54 PM, "Christopher Wood"
wrote:
> I checked, the CA in use on my puppet4/puppetserver installation
> definitely has no subjectAltName extension and a puppet4 agent works.
>
> In
I checked, the CA in use on my puppet4/puppetserver installation definitely has
no subjectAltName extension and a puppet4 agent works.
In all likelihood I messed up something in the config.
On Wed, Feb 17, 2016 at 10:23:19PM +0100, Felix Frank wrote:
> Hi Christopher,
>
> I have no first hand e
Hi Christopher,
I have no first hand experience with this transition, but Martin put a
note about SSL in the Puppet 4 chapter of the new Puppet Essentials
(yes, I'm plugging us :-)
Apparently Puppet 4 cannot use a CA that was created without the
dns_alt_names setting. This might just be your
Update is that I still don't know why this happened, but I know what I should
not do when I go to convert the production puppetmasters.
I have a set of 3.8.5 masters and was attempting to bring up a 4.3.2 master
(puppetserver 2.2.1, puppet-agent 1.3.4) as a non-CA master to test things
with. A
I have a puppet 3 agent attempting an agent run against a puppet 4 master but I
am getting ssl errors. I'm out of google-fu and I've verified certs and keys,
run both sides in debug using puppetserver and the rack "puppet master
--no-daemonize --verbose", and am not seeing anything that jumps ou
