On 04/01/2011 08:23 PM, FRLinux wrote: > Hello, > > First off, forgive me if that has been discussed before. > > Has there been any thought given to using dns records queried from the > IP of a host where puppet is installed? Reason I'm asking is we had an > issue in which our fqdn got screwed up in /etc/hosts in the form of > node.example instead of host.example.com and that led to the server > signing the cert for the host (yeah bad, we use auto signing) as > node.example which of course was not a valid host declared in sites. > > This is not a rant, just a question. Thanks for anyone who can shed > any light on this.
Hi, certification can be painful at times, but I don't see the real problem you had with requesting a signature on a badly named cert? You can always just revoke it on the master and have your client issue a new CSR. Regards, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
