Hi All,

I'm new to Puppet, sorry if the question comes off a little
green-thumb.

I have a puppet server and a puppet client (both running latest
versions)

We have wildcard certs for all our internal domains; we use these
certs for SSL LDAP POSIX auth, Apache, Jetty, etc.

i.e.
*.priv.tech.com

Instead of Puppet generating the certs and doing the signing of the
client request, would it be possible to have Puppet use these wildcard
SSL certs instead?

So when I stand up an instance (CentOS on VMware), it will
automatically have the certs built into the template and that instance
can talk to the puppet master without having to manually sign every
puppet client. I've read that I can turn auto-sign=on, but that is a
gaping security hole.

I basically want to remove the signing step and have all instances
automatically talk to/trust the puppet master using our wildcard SSL
certs.

Is this possible?
