Rudy Gevaert
2014-Jun-24 07:00 UTC
[Puppet Users] puppet fingerprint and autosigning, reading the
Hello, I would like to integrate auto signing into my environment. Currently I'm running 3.6 master, but still with 2.7 agents. (Which means I can't add extra information in the certificate, that I could use as verification during the provisioning). I'm looking at using the fingerprint which would be fed into my inventory, and my auto sign script will query my inventory to see if the fingerprint matches. I'm having problems: 1) how to get the fingerprint out of the CSR. I'm using 'openssl req -pubkey -noout | openssl rsa -pubin -outform DER -noout | openssl md5' 2) that doesn't match the fingerprint the is returned when doing the first run: info: Certificate Request fingerprint (md5): 61:34:FD:D2:DF:44:D7:EA:C4:FE:93:C4:47:52:B3:05 3) Nor does it match the fingerprint on the client after the first run: # puppet agent --fingerprint 27:0B:A1:96:BE:C2:71:50:59:9F:7D:0A:9D:5C:71:81 any ideas anyone? Thanks, rudy -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/60431f35-8c85-48d9-8147-738d7017c346%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.