Currently the puppetca CA password is set to ''secret'' How would one go about changing it? I agree with puppetlabs documentation that you should be an SSL expert to implement your own CA. I am not. However I would like to use puppet''s CA PKI infrastructure with ActiveMQ over TLS and it is seems logical to use puppet''s KPI with this for mcollective and activemq. I am sure it is possible with openssl, however, go ahead see what you can find on change CA or certificate authority openssl. I do not want to spends hours and hours testing any changes. I am certain the person/people that implemented puppetca would know the answer to this question in minutes, not hours. Anyway, there should be a puppetlabs docs on how to do it. Really EVERY puppetca has the password ''secret''? I guess it is not a KNOWN security risk. http://puppetlabs.com/blog/important-security-announcement-altnames-vulnerability/ Not known. Come on puppetca guru''s how the hell do you change the puppetca "ca.pass" password from ''secret''???? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.