Hi, You could clean the certificate on the puppetmaster CA using puppetca --clean debian.example.org prior to connecting the rebuilt server again.
If you have a short lifecycle and rapid turnover of the same hostname, you may benefit from using the certname configuration variable and using some other fact besides the fqdn for the certificate common name field. Large sites with high turnover often set the cert CN to a uuid or something similar. -- Jeff McCune On Wed, May 5, 2010 at 11:51 AM, Murteas <murt...@gmail.com> wrote: > Hello all, > > Recently I was asked to start using Puppet as part of our Eucalyptus > powered internal cloud. I have been able to set up Puppet and a > puppet master on various instances, but what I am running into, is > that several of the instances have the same hostname or no hostname > when they are first launched, so of course when they try to get a cert > from puppetmaster I get an error saying that I can't overwrite the > existing certificate with the new one. > > My question is: > > If I have one instance launched in a cloud with a hostname of > debian.example.org and then that instance is terminated, and then I > bring up an identical instance but this one has a new ip address, how > can I get a cert for this new instance? Obviously I can do a clean > on the puppetmaster, but I need to automate this process somehow, as > this could happen constantly with our customers launching new > instances or identical instances. > > Any thoughts? > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
