Don Jackson
2008-Nov-22 22:36 UTC
[Puppet Users] Did puppetca/puppetmasterd get changed to support a cname, if so when?
I would like to add a cname of puppet to the machine that runs puppetmasterd, and have point my puppetds at that, but ran into the same problem that others had a while back, namely: err: Could not retrieve catalog: Certificates were not trusted: hostname was not match with the server certificate I browsed the archives, and found this problem was discovered, and one potential solution proposed:> If my reading of post_connection_check > in /usr/lib/ruby/1.8/openssl/ssl.rb is correct, it should be > possible to > fix this by adding ''subjectAltName'' extensions to the server cert. > Changes are definitely needed in the way that the puppetmaster > generates > the server cert.Did this fix ever happen, and if so, in which version of puppet? Right now, my puppetmasterd is v 0.22.4, so that is pretty old... Don --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---