hello, from what I understand, certs are assigned based on FQDN. We build all our machines behind a NAT router and then when fully ready, we add the machine to the main network, or might be used on a daily basis behind a different NAT router - it all depends on the security requirements of the group (the really classified stuff in on a air gapped network).
My question concerns the creation of certs and how puppetmasterd uniquely identifies machines. if FQDN is always used, how do I work around the NAT issue? Also, if a we change a FQDN, will a new cert be generated and a new entry be make in the store_config database? Any other gotchas I need to be aware of with regards to cert creation, NAT, building new machines and the like? --- Thanks, Allan Marcus 505-667-5666 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
