Hi, We have a specific configuration where Puppet Agents are in an internet DMZ, Puppet Master is on the LAN and there''s no way for Puppet Agents to connect to the Puppet Master. We have opened port 8139 for the Master to establish the connection to the Agents. So, we have the problem for configuration. We need the Agents to connect to the Master so that the Master can generate the certificate and accept the Agent request. Usually this is done via the Agent requesting the Master to sign and accept. We need this done the other way, the Master generating signed certificates for the Agents and distributing the certificates to the Agents. We didn''t find the documentation on the specific procedure. Thanks for your hints, Regards, Gilles -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Dan White
2012-Jan-26 18:46 UTC
Re: [Puppet Users] Configuring Puppet from Master to Agent
http://serverfault.com/questions/137292/how-can-i-pre-sign-puppet-certificates “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin & Hobbes) ----- Gilles <gilles.antonetti@gmail.com> wrote:> > Hi, > > We have a specific configuration where Puppet Agents are in an > internet DMZ, Puppet Master is on the LAN and there''s no way for > Puppet Agents to connect to the Puppet Master. > > We have opened port 8139 for the Master to establish the connection to > the Agents. > > So, we have the problem for configuration. We need the Agents to > connect to the Master so that the Master can generate the certificate > and accept the Agent request. Usually this is done via the Agent > requesting the Master to sign and accept. > > We need this done the other way, the Master generating signed > certificates for the Agents and distributing the certificates to the > Agents. > > We didn''t find the documentation on the specific procedure. > > Thanks for your hints, Regards, > Gilles > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.