Puppet Certificate Management

… done on the puppetmaster:

# list certificate requestes:
puppet cert --list
 
# list all certificates (including signed certs)
puppet cert --list --all
 
# sign a request
puppet cert --sign host.example.com
 
# revoke a certificate:
puppet cert --revoke host.example.com
 
# clean a certificate:
puppet cert --clean host.example.com
 
# Print the full-text version of a host's certificate.
puppet cert print host.example.com
 
# low level alternative:
openssl x509 -text -in /var/lib/puppet/ssl/ca/signed/host.example.com

Important: if a certificate has been revoked, it might be necessary to restart apache/puppetmaster to remove certificates from caches.

networking/puppet/certificates.txt · Last modified: 2014-12 by tb
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready