search for: ssl_session_timeout

...asters { server 127.0.0.1:8140; # server pserver02:8140; } upstream puppetca { server primaryca:8140; server secondaryca:8140 backup; } server { listen 192.168.122.14:8140; server_name loadbalancer01; ssl on; ssl_session_timeout 5m; ssl_certificate /var/lib/puppet/ssl/certs/loadbalancer01.pem; ssl_certificate_key /var/lib/puppet/ssl/private_keys/ loadbalancer01.pem; ssl_client_certificate /var/lib/puppet/ssl/certs/ca.pem; ssl_protocols SSLv3 TLSv1; ssl_ciphers ALL:!ADH:RC4+RSA:+HIG...

...ient_certificate /var/lib/puppet/ssl/certs/ca.pem; ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA; ssl_prefer_server_ciphers on; ssl_verify_client optional; ssl_verify_depth 1; ssl_session_cache shared:SSL:128m; ssl_session_timeout 5m; } } and the puppet.conf [main] # The Puppet log directory. # The default value is ''$vardir/log''. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is ''$vardir/run''. rundir = /var/run/...

...we''re forced to have two separate configs on two different ports, and to use --ca_port). Now, it is as simple as the following configuration: upstream puppet-production { server 127.0.0.1:18140; server 127.0.0.1:18141; } server { listen 8140; ssl on; ssl_session_timeout 5m; ssl_certificate /var/lib/puppet/ssl/certs/puppetmaster.pem; ssl_certificate_key /var/lib/puppet/ssl/private_keys/puppetmaster.pem; ssl_client_certificate /var/lib/puppet/ssl/ca/ca_crt.pem; ssl_ciphers SSLv2:-LOW:-EXPORT:RC4+RSA; # allow authenticated an...

Over the years many shops have come to start running puppet via cron to address memory leaks in earlier versions of Ruby, but the official position was that puppet was meant to be run as a continually running service. I am wondering if the official position has changed. On one hand many if not all of the early Ruby issues have been fixed, on the other, the addition of mcollective into the mix as