Thanks Patrick.
I was just gathering information. I had to give an overview of puppet and
our test implementation to our operations manager. Just wanted to make sure
I had an answer. It seems like a non issue from here anyway.
Cheers,
David
On Fri, Oct 22, 2010 at 2:35 PM, Patrick <kc7zzv@gmail.com> wrote:
>
> On Oct 22, 2010, at 10:39 AM, dagrundy wrote:
>
> > Hello All.
> >
> > I read in an earlier post at
> >
> >
>
http://markmail.org/search/?q=autosign+issues#query:autosign%20issues+page:1+mid:we6jrbn7hdjnhrie+state:results
> >
> > that as of puppet v24.4, autosigning did not support IP addresses. I
> > am running v25.5. Is this still the case?
>
> I don''t think this is supported. How do you want it to work? Are
you
> saying that any certificate request from a given range should be
autosigned,
> or are you saying that the ipaddress should be made into the certificate
> name? The first sounds like a huge security hole to me, and the second
> isn''t very hard to do if you manually set certname (on the client)
before
> the first startup. Then you use that name in your autosign.conf.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
>
puppet-users+unsubscribe@googlegroups.com<puppet-users%2Bunsubscribe@googlegroups.com>
> .
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.