i have puppet distributed site:
[*] separate puppet-ca,
[*] puppet-master rules distribution point,
[*] puppet-master file-server
[*] puppet reports
and noticed the following :
1. client does not re-requests new certificate on certificate
revocation\expiration
2. puppetmaster on rules distrubution point does not recognize
client''s revoked certificate until puppetmaster is restarted (CRL is
syncronized)
i want the puppetd do following:
1) client generation new CSR on certificate expiration\revokation
(optionally by config file) including new key pair
2) client autocleaning\moving expired\revoked certificates
(including keys) to "revoked" folder on the client
3) client automatic re-requesting new certificate from puppet-
CA on certificate revocation\expiration (optionally by config file
option)
is there any version supports these features? i''m currently running
puppet version 0.24.4
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.