Thanks Patrick. I was just gathering information. I had to give an overview of puppet and our test implementation to our operations manager. Just wanted to make sure I had an answer. It seems like a non issue from here anyway.
Cheers, David On Fri, Oct 22, 2010 at 2:35 PM, Patrick <kc7...@gmail.com> wrote: > > On Oct 22, 2010, at 10:39 AM, dagrundy wrote: > > > Hello All. > > > > I read in an earlier post at > > > > > http://markmail.org/search/?q=autosign+issues#query:autosign%20issues+page:1+mid:we6jrbn7hdjnhrie+state:results > > > > that as of puppet v24.4, autosigning did not support IP addresses. I > > am running v25.5. Is this still the case? > > I don't think this is supported. How do you want it to work? Are you > saying that any certificate request from a given range should be autosigned, > or are you saying that the ipaddress should be made into the certificate > name? The first sounds like a huge security hole to me, and the second > isn't very hard to do if you manually set certname (on the client) before > the first startup. Then you use that name in your autosign.conf. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
