search for: clientcert

Morning All I''m trying to use Hiera with Puppet 3.0 to streamline some of my module configuration... However I''m having issues using the ''*%{::clientcert}*'' variable as part of the hierarchy... Currently, my *hiera.yaml* file looks like: --- :backends: - yaml - json :yaml: :datadir: /etc/puppet/hieradata :json: :datadir: /etc/puppet/hieradata :hierarchy: - nodes/%{::clientcert} - common/%{::location} - common/%{::environmen...

Hi: I work on puppet 3 and hiera, but i cannt load a yaml file on a subdir. my hiera.yaml looks like: --- :backends: - yaml - json :yaml: :datadir: /etc/puppet/hieradata :json: :datadir: /etc/puppet/hieradata :hierarchy: - "servidores/%{clientcert}" - %{::ve} - common :puppet: :datasource: data problem is on "servidores/%{clientcert}". If it is %{::clientcert} and file is on root dir ( /etc/puppet/hieradata), everithing works fine. If i try to use a subdir, no mather what i use, it fails. what i doing wrong ? thanks...

On 08/12/2010 10:29 AM, Lars Kellogg-Stedman wrote: > Hello all, > > I'm trying to get virsh (and virt-manager) to talk to a remote libvirt > instance. I cannot for the life of me figure out how to tell either > tool where to find client or CA certificates. Do they *really* need > to access the ones in /etc/pki? In particular, the client seems to > want to read the

Hi all! I''m trying to setup a puppet module for sudo that will write multiple files with separate data for each file, all dependent on the hiera hierarchy. Here''s the relevant portion of my hiera.yaml: > :hierarchy: > > - "datacenter/app/role/node/%{::clientcert}" > > - "datacenter/app/role/%{::server_role}" > > - "datacenter/app/%{::app_name}" > > - "datacenter/%{::datacenter}" > > - common > > Basically, a node can have different files in /etc/sudoers.d/ depending on the structure...

We''re trying to set a role variable in one of our role classes i.e. class role::nameserver { $::role = ''nameserver'' include profile::baseline } however we get the following error Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not parse for environment production: Cannot assign to variables in other namespaces We do not get

Hi, I''m having a problem with extlookup not respecting the ''certname'' parameter[1].  When executing a puppet run with either the --certname or --fqdn parameters, it ends up using the specified SSL certificate and gets the correct node definition applied from the puppetmaster.  However, it still retrieves extlookup data using the node''s actual FQDN, not the one

Hi, I created an account but when I go to issues.asterisk.org <http://issues.asterisk.org/> It still asks for a client certificate. See this screen shot, hopefully it showswhat I mean. http://firestar-hosting.com/clientcert <http://firestar-hosting.com/clientcert>.png -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20151125/a4ae019b/attachment.html>

...9;'s some articles and docs I read: http://www.codeproject.com/Articles/522746/Storing-Tree-like-Hierarchy-Structures-With-MongoD http://docs.mongodb.org/manual/tutorial/model-tree-structures/ Example of hiera data would be a typical hierarchy: # /etc/hiera.yaml --- :hierarchy: - "%{::clientcert}" - "%{::environment}" - "%{::datacenter}" - common But for mongodb I''m guessing that would look like: common -> datacenter -> environment -> clientcert Where clientcert is the leaf node. Does anyone have a reference schema I may be able to refer t...

...mmand with root privileges: virsh -c qemu://192.168.1.2/system everything works, anyway I get this warning too: 2014-02-26 13:03:25.035+0000: 10825: info : libvirt version: 1.1.1 2014-02-26 13:03:25.035+0000: 10825: warning : virNetTLSContextCheckCertKeyPurpose:364 : Certificate /etc/pki/libvirt/clientcert.pem purpose does not allow use for with a TLS client I don't know if it is a problem, I need to live migrate machines... Anyway, main problem is that I don't want to run virsh with root privileges. Where the problem is?

Thanks for the response. My current chain is as follows: caroot -> child-ca1 -> server cert My cacert.pem file has both the caroot and the child-ca1 certs. I have recompiled libvirt on my machine with some extra debug statements and verified that both the caroot cert and the child-ca1 certs are being loaded. But when I try to connect the caroot and child-ca1 certs only appear under the

Does any one know how to evaluate a node hostname in the nodes.pp file? for example something like this.. node ''node1.com'', ''node2.com'', ''node3.com'' { case node.name { ''node1.com'' : { include solaris } ''node2.com'' : { include redhat } ''node3.com'' : { include aix

...o you can't use a revoked client cert.) c) returns the CommonName from the client cert. in ssl_proxy_get_peer_name (this way it's easier to use dovecot as imap-proxy with a passwd-like userdb, ssl_require_client_cert and ssl_username_from_cert, it "binds" the emailuser to the clientcertificate, a clientcert. can access only the account from the userdb) in order to use it, the CAfile must be a file which contains the CAcertificate (pem format) followed by the CRL (also in pem format). (servercert and the clientcerts are signed with a self-signed rootcert) there are some issues...

...ect-dev.novalocal Line 35 in the above manifest contains the line class { "apache": } as we''re using a standard module apache from Puppetlabs to manage an installation of Apache. And here is our hiera.yaml --- :backends: - yaml :hierarchy: - private/%{::environment}/%{::clientcert} - public/%{::environment}/%{::clientcert} - private/%{::environment}/%{::environment} - public/%{::environment}/%{::environment} - public/%{::environment}/%{::operatingsystem} - public/%{::environment}/common :yaml: :datadir: ''/etc/puppet/hieradata/'' Any ideas how t...

...server ($@)"; if ($config{ldapTLS} == 1) { - $ldap_master->start_tls( + $mesg = $ldap_master->start_tls( verify => "$config{verify}", clientcert => "$config{clientcert}", clientkey => "$config{clientkey}", cafile => "$config{cafile}"...

I appears that backreferences when using regexes in node names doesn''t work. Can anyone confirm this? If I''m incorrect, how do I go about using a backreference to the name regex within the node definition container? Thanks, Guy -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web

...uestions: - can Dovecot be CONFIGURED to do the above. I compiled it yesterday and SSL client authentication works as expected. OTP seems to be supported via PAM and I can write a PAM-modul for our OTP-tokens, so OTP would be possible too. But how do I tell Dovecot to do OTP-auth as a fallback for ClientCert-auth. - I already looked into the sourcecode of Dovecot. Seems like all the authentication routines were built as pluggable modules. Is there any documentation out there on how how to built my own auth-module. Integrating the OTP-auth directly into Dovecot would be a lot easier (for me) than creat...

Good day Asterisk users, If this is the wrong place to post this, my apologies. However, I'm trying to see where I can get a patch for the res_musiconhold.so module. I have an issue where if someone is placed on hold, or is placed in a queue, after any announcement is played in the queue, or if someone is put on hold, the call is resumed, then is put back on hold, if the same music is still

...how to test if the certificate is correct So, my first question is how to test if the Kerberos certificate is correct? Second question is when I create a client certificate (I think I understood from the guides how to create) how I will test it? Will a kinit command like "kinit -C FILE:$HOME/clientcert.crt example-user at EXAMPLE-DOMAIN" be enough to test the client certificate? And a final question (for now) is if there is any kind of documentation related to "Configure Samba4 to know about the certificate" and where I can find it? Kind Regards, Charalampos

...to_yaml %>"), However, it is creating a lot of unnecessary changes by reordering the facts in the yaml output as you can see in the diff output between to runs; --- facts.yaml 2012-12-03 10:25:15.389570751 +0000 +++ facts.yaml.copy 2012-12-03 10:24:31.982563969 +0000 @@ -5,14 +5,14 @@ clientcert: rhel6test.shef.ac.uk rubyversion: "1.8.7" lsbdistdescription: "Red Hat Enterprise Linux Server release 6.3 (Santiago)" - architecture: x86_64 boardmanufacturer: "Intel Corporation" + architecture: x86_64 type: Other serialnumber: "VMware-42 26 2...

...agents may vary. This is a line of the manifest: $max_per_ip = hiera(''max_per_ip'',10) I want to specify different values for each agent using hiera. The problem is I am only able to specify the ''common'' values, not the values using the the variable ''clientcert''. This is my configuration in the puppetmaster: The ''/etc/hiera.yaml'' file: --- :backend: - yaml :hierarchy: - ${certname} - common :yaml: # datadir is empty here, so hiera uses its defaults: # - /var/lib/hiera on *nix # - %CommonAppData%\PuppetLabs\hiera\var on W...