search for: ca_port

...is message) to allow a simpler Nginx configuration for your Mongrel puppetmasters. The two main issues with Nginx in front of puppet were: * no CRL support * no optional certificate verification (and thus we''re forced to have two separate configs on two different ports, and to use --ca_port). Now, it is as simple as the following configuration: upstream puppet-production { server 127.0.0.1:18140; server 127.0.0.1:18141; } server { listen 8140; ssl on; ssl_session_timeout 5m; ssl_certificate /var/lib/puppet/ssl/certs/puppetmaster.pe...

I did a quick look for it but I could not find it. When it comes to puppet masters, is it required to copy the puppet/ssl/ca directory to each puppet master or is there a configuration to make the puppet master not try to generate its own CA if there is a ca_server option specified? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To

...ml In the documentation page linked above, it says: Puppet uses SSL certificates to control who can make requests to the puppet > master, so Dashboard has to obtain a signed cert before asking for facts or > files. To do this, edit config/settings.yml to ensure that the ca_server > and ca_port settings match the address and port of your puppet master, > then run the following commands: > > $ sudo -u puppet-dashboard rake cert:create_key_pair > $ sudo -u puppet-dashboard rake cert:request > > You’ll need to sign the certificate request on the master by running puppet &...

With both puppet-0.23.0 and 0.23.1 if I setup just the configuration file puppet.conf, none of the puppetd options seem to get parsed. I first noticed this when monit failed to start/stop services due to the lack of a pid file being generated (and mine is not in one of the usual places). I''m sure that something like the patch attached but I bet it breaks other assumptions :-) Cheers,

...factpath = $vardir/lib/facter vardir = /var/lib/puppet rundir = /var/run/puppet pluginsync = true certdnsnames = puppet:< removed > report = true configtimeout = 300 puppetdlog = $logdir/puppetd.log splaylimit = 1800 splay = true runinterval = 3600 ca_port = 8145 [puppetmasterd] storeconfigs = true dbadapter = mysql dbname = puppet dbuser = puppet dbpassword = < removed > dbserver = localhost dbsocket = /var/lib/mysql/mysql.sock reports = store,tagmail ssl_client_header = HTTP_X_SSL_SUBJECT --~--~---------~...

Hello All, I require some help for creating multiple puppetmaster with separate Puppet CA server. I followed the steps given in the link below for creating a separate CA server http://bodepd.com/wordpress/?p=7 My requirement is to create 2 Puppetmasters running nginx and unicorn which will be loadbalanced via RR DNS with a separate single Puppet CA server only for issuing and signing

...uppetdlog = /var//opt/csw/puppet/log/puppetd.log ca_server = mypuppet.example.net statefile = /var//opt/csw/puppet/state/state.yaml server = mypuppet.example.net httplog = /var//opt/csw/puppet/log/http.log splaylimit = 60 config = /etc//opt/csw/puppet/puppet.conf reportserver = mypuppet.example.net ca_port = 8140 puppetdlockfile = /var//opt/csw/puppet/state/puppetdlock classfile = /var//opt/csw/puppet/state/classes.txt signeddir = /etc//opt/csw/puppet/ssl/ca/signed autosign = /etc//opt/csw/puppet/autosign.conf cert_inventory = /etc//opt/csw/puppet/ssl/ca/inventory.txt cacert = /etc//opt/csw/puppet/ss...

...uppet archive_files = false async_storeconfigs = false authconfig = /etc/puppet/namespaceauth.conf autoflush = false autosign = /etc/puppet/autosign.conf bindaddress = "" bucketdir = /var/lib/puppet/bucket ca = true ca_days = "" ca_md = md5 ca_name = Puppet CA: vusion-production ca_port = 8140 ca_server = puppet ca_ttl = 5y cacert = /var/lib/puppet/ssl/ca/ca_crt.pem cacrl = /var/lib/puppet/ssl/ca/ca_crl.pem cadir = /var/lib/puppet/ssl/ca cakey = /var/lib/puppet/ssl/ca/ca_key.pem capass = /var/lib/puppet/ssl/ca/private/ca.pass caprivatedir = /var/lib/puppet/ssl/ca/private capub = /...

...rivate/password splaylimit = 1800 statefile = /var/puppet/state/state.yaml puppetdlog = /var/puppet/log/puppetd.log report_port = 8140 ca_server = puppet puppetdlockfile = /var/puppet/state/puppetdlock clientyamldir = /var/puppet/client_yaml reportserver = puppet ca_port = 8140 localconfig = /var/puppet/state/localconfig clientbucketdir = /var/puppet/clientbucket classfile = /var/puppet/state/classes.txt report_server = puppet graphdir = /var/puppet/state/graphs fileserverconfig = /etc/puppet/fileserver.conf config = /etc/puppet/puppet.c...

...0''. # runinterval = 1800 # The port to communicate with the inventory_server. # The default value is ''$masterport''. inventory_port = 8140 # The port to use for the certificate authority. # The default value is ''$masterport''. ca_port = 8140 # Whether puppet agent should be run in noop mode. # noop = false # Whether to create dot graph files for the different # configuration graphs. These dot files can be interpreted by tools # like OmniGraffle or dot (which is part of ImageMagick). # graph = false...