Displaying 3 results from an estimated 3 matches for "wiredgeek".
2011 Mar 08
22
Force resigning of existing certificates
Is there a way to force the puppetmaster to resign certificates for
existing certificates when a new CSR for the same hostname arrives?
When we reinstall freshly formatted clients with puppet (with the
same hostname) the puppet client complains:
err: Could not request certificate: Retrieved certificate does not match
private key; please remove certificate from server and regenerate it
2011 Feb 07
2
Puppet CA Inventory and Serial # file... unique format?
I''m working on a system for auto-resigning certificates for our clients and Iv''e basically got it working .. but I notice that Puppet uses an inventory file and a serial # file that seem to be differently formatted than the openssl toolkit uses? The serial number file that puppet generates has a 4 digit number starting with 0000... but openssl tracks its serial numbers in a hex
2011 Sep 14
1
Quick help… GitHub & Puppet Environments...
I''m looking for a bit of best-practices here. Our puppet environment up-until-today has been owned and operated by IT Operations only. We''ve had a single ''production'' environment and our code has been managed in a local GitHub::FI install. We have ~14,000 lines of code in our PP files. We''re trying to make two changes to our environment... that may need