After manually removing some requests and old certs what is the best way of regenerating the inventory.txt file? Or is it even necessary? What does the inventory.txt file do anyway? I know it contains the list of all the certificates being used in the system, but is it just a convenience file or does the system rely on it for something important? Thanx! Richard --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On Tue, Aug 26, 2008 at 8:22 AM, Richard Hurt <rnhurt@gmail.com> wrote:> After manually removing some requests and old certs what is the best way of > regenerating the inventory.txt file? Or is it even necessary? What does > the inventory.txt file do anyway? I know it contains the list of all the > certificates being used in the system, but is it just a convenience file or > does the system rely on it for something important? >Actually, there''s a bug in the releases that means this file will get completely regenerated every time a new cert is signed :) http://reductivelabs.com/redmine/issues/show/1448 If you remove the file, it will get regenerated. It''s just for reporting as that''s the Right Thing to do with a CA. That accepted patch in the above issue improves CA performance significantly once you have a lot of certificates... -- Nigel Kersten Systems Administrator Tech Lead - MacOps --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On Aug 26, 11:28 am, "Nigel Kersten" <nig...@google.com> wrote:> On Tue, Aug 26, 2008 at 8:22 AM, Richard Hurt <rnh...@gmail.com> wrote: > > After manually removing some requests and old certs what is the best way of > > regenerating the inventory.txt file? Or is it even necessary? What does > > the inventory.txt file do anyway? I know it contains the list of all the > > certificates being used in the system, but is it just a convenience file or > > does the system rely on it for something important? > > Actually, there''s a bug in the releases that means this file will get > completely regenerated every time a new cert is signed :) > > http://reductivelabs.com/redmine/issues/show/1448 > > If you remove the file, it will get regenerated. It''s just for reporting as > that''s the Right Thing to do with a CA. > > That accepted patch in the above issue improves CA performance significantly > once you have a lot of certificates...So, it''s safe to remove it and have it automatically regenerated when it gets "corrupted" correct? Even after the patch? I realize this will cause a performance hit when it regenerates but it wont screw anything up. Thanx! Richard --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On Wed, Aug 27, 2008 at 4:13 AM, Richard <rnhurt@gmail.com> wrote:> > On Aug 26, 11:28 am, "Nigel Kersten" <nig...@google.com> wrote: > > On Tue, Aug 26, 2008 at 8:22 AM, Richard Hurt <rnh...@gmail.com> wrote: > > > After manually removing some requests and old certs what is the best > way of > > > regenerating the inventory.txt file? Or is it even necessary? What > does > > > the inventory.txt file do anyway? I know it contains the list of all > the > > > certificates being used in the system, but is it just a convenience > file or > > > does the system rely on it for something important? > > > > Actually, there''s a bug in the releases that means this file will get > > completely regenerated every time a new cert is signed :) > > > > http://reductivelabs.com/redmine/issues/show/1448 > > > > If you remove the file, it will get regenerated. It''s just for reporting > as > > that''s the Right Thing to do with a CA. > > > > That accepted patch in the above issue improves CA performance > significantly > > once you have a lot of certificates... > > So, it''s safe to remove it and have it automatically regenerated when > it gets "corrupted" correct? Even after the patch? I realize this > will cause a performance hit when it regenerates but it wont screw > anything up.Yep. I''ve tested removing the file both before and after the patch. It''s not going to screw anything up. -- Nigel Kersten Systems Administrator Tech Lead - MacOps --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---