search for: clientcerts

Morning All I''m trying to use Hiera with Puppet 3.0 to streamline some of my module configuration... However I''m having issues using the ''*%{::clientcert}*'' variable as part of the hierarchy... Currently, my *hiera.yaml* file looks like: --- :backends: - yaml - json :yaml: :datadir: /etc/puppet/hieradata :json: :datadir: /etc/puppet/hieradata

Hi: I work on puppet 3 and hiera, but i cannt load a yaml file on a subdir. my hiera.yaml looks like: --- :backends: - yaml - json :yaml: :datadir: /etc/puppet/hieradata :json: :datadir: /etc/puppet/hieradata :hierarchy: - "servidores/%{clientcert}" - %{::ve} - common :puppet: :datasource: data problem is on "servidores/%{clientcert}". If it is %{::clientcert}

On 08/12/2010 10:29 AM, Lars Kellogg-Stedman wrote: > Hello all, > > I'm trying to get virsh (and virt-manager) to talk to a remote libvirt > instance. I cannot for the life of me figure out how to tell either > tool where to find client or CA certificates. Do they *really* need > to access the ones in /etc/pki? In particular, the client seems to > want to read the

Hi all! I''m trying to setup a puppet module for sudo that will write multiple files with separate data for each file, all dependent on the hiera hierarchy. Here''s the relevant portion of my hiera.yaml: > :hierarchy: > > - "datacenter/app/role/node/%{::clientcert}" > > - "datacenter/app/role/%{::server_role}" > > -

We''re trying to set a role variable in one of our role classes i.e. class role::nameserver { $::role = ''nameserver'' include profile::baseline } however we get the following error Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not parse for environment production: Cannot assign to variables in other namespaces We do not get

Hi, I''m having a problem with extlookup not respecting the ''certname'' parameter[1].  When executing a puppet run with either the --certname or --fqdn parameters, it ends up using the specified SSL certificate and gets the correct node definition applied from the puppetmaster.  However, it still retrieves extlookup data using the node''s actual FQDN, not the one

Hi, I created an account but when I go to issues.asterisk.org <http://issues.asterisk.org/> It still asks for a client certificate. See this screen shot, hopefully it showswhat I mean. http://firestar-hosting.com/clientcert <http://firestar-hosting.com/clientcert>.png -------------- next part -------------- An HTML attachment was scrubbed... URL:

I''m thinking about creating a web service to provide hiera data. The backend I''m looking into is Mongodb. Front end would implement hiera-http. Does anyone have any recommendations on the mongodb schema and how it would look. I checked out some articles online for hierarchical data in mongodb but not sure how that would map to a hiera backend. Here''s some articles and

I set up my certificates, ca client and server, as described in your documentation: http://wiki.libvirt.org/page/TLSCreateServerCerts. I followed it step by step so it must be ok. However, when I run virsh -c qemu://192.168.1.2/system and I try a command like list --all I get: error: impossible connect to the hypervisor errore: no valid connection errore: Unable to set x509 CA certificate:

Thanks for the response. My current chain is as follows: caroot -> child-ca1 -> server cert My cacert.pem file has both the caroot and the child-ca1 certs. I have recompiled libvirt on my machine with some extra debug statements and verified that both the caroot cert and the child-ca1 certs are being loaded. But when I try to connect the caroot and child-ca1 certs only appear under the

Does any one know how to evaluate a node hostname in the nodes.pp file? for example something like this.. node ''node1.com'', ''node2.com'', ''node3.com'' { case node.name { ''node1.com'' : { include solaris } ''node2.com'' : { include redhat } ''node3.com'' : { include aix

..._username_from_cert, it "binds" the emailuser to the clientcertificate, a clientcert. can access only the account from the userdb) in order to use it, the CAfile must be a file which contains the CAcertificate (pem format) followed by the CRL (also in pem format). (servercert and the clientcerts are signed with a self-signed rootcert) there are some issues with the patch: a) it needs openssl > 0.9.7 for the CRL checking b) ssl_verify_client_cert now returns 0 in case of an invalid cert. was there a reason why it always returned 1? c) i'm not too happy with the commonname extractio...

Hello, just upgraded Hiera from ver. 1.2.1 to 1.3.0 and broke our puppet environment. :) It seems that there are sizeable changes related to variable interpolation Here is an error during Puppet run: Error: Puppet::Parser::AST::Resource failed with error Hiera::InterpolationLoop: Detected in [::environment] at /home/ubuntu/environments/project_dev/manifests/site.pp:35 on node

Hi, I just thought I'd post here some notes after a loong bugsearch. Keywords: failed to perform search; Unexpected EOF using Domain Admins to add machines The problem was that I got this in the sambalog: _samr_create_user: Running the command `/usr/sbin/smbldap-useradd -w "machine$"' gave 127 Part of the problem was that this isn't a lot to go on, and the command

I appears that backreferences when using regexes in node names doesn''t work. Can anyone confirm this? If I''m incorrect, how do I go about using a backreference to the name regex within the node definition container? Thanks, Guy -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web

Dear Dovecot experts, we have unusual authentication requirements, namely: - almost all of our user are using a smartcard to connect with our mailserver. Thunderbird is our friend here as it will use the smartcard as an additional certificate store and Thunderbird will do client certificate based authentication when connecting via SSL with a mailserver - there's no way (at least that I know

Good day Asterisk users, If this is the wrong place to post this, my apologies. However, I'm trying to see where I can get a patch for the res_musiconhold.so module. I have an issue where if someone is placed on hold, or is placed in a queue, after any announcement is played in the queue, or if someone is put on hold, the call is resumed, then is put back on hold, if the same music is still

Hello list, I have installed and configured a domain with Samba version 4.0.0beta2-GIT-7e80b89 on a CentOS 6.2 I can successfully join a Windows PC in the domain (both Windows XP and Windows 7 tested) Now, I am trying to move a step forward and I would like to configure Samba to accept Windows smart card logon This is a requirement for a project I am involved to I have already installed the

I have set up puppet to create a facts.yaml file for mcollective using the following line: content => inline_template("<%= scope.to_hash.reject { |k,v| k.to_s =~ /(uptime.*|timestamp|.*free|macaddress.*|ipaddress)/ }.to_yaml %>"), However, it is creating a lot of unnecessary changes by reordering the facts in the yaml output as you can see in the diff output between to

Hi, I have a puppetmaster - agent architecture. I have a module for the vsftpd configuracion in the agents. The configuration of the value ''max_per_ip'' in the agents may vary. This is a line of the manifest: $max_per_ip = hiera(''max_per_ip'',10) I want to specify different values for each agent using hiera. The problem is I am only able to specify the