Hi, On Jun 17, 2011, at 2:49 PM, TJ Yang wrote: > How do I initiate a certificate request without going into non-daemon mode ? > > According to "Pro Puppet" book, so far the only way I know that can > trigger a certficate request with puppet master is like this > > puppet agent --server=puppetmaster.test.com --no-daemonize --verbose
we do that by using a tag which does not exist: puppet agent --test --tags=foo This creates the client certificate and sends it to the master. The master autosigns the certificate request and compiles the catalog. The client will parse for a tag with the name "foo" and will not do anything. > > but doing so will break my intention of automation I need to create a > puppet client package. A control-C is needed to terminate the process. > I have puppetmaster configured to be auto grant and sign certificate > requests. and I like puppet client can auto issue a request which will > be granted and start itself up when running > "/etc/init.d/puppetagent268 start" We have created our own puppet rpm package with an individual puppet.conf. Upon post installation we run the command give above. > > > Is there a command "puppet cert --clean puppetagent1.test.com" for > puppet agent ? > For now I have to go into $ssldir subdirectory to manually cleanup > existing certificate. Do you refer to the master or the client? The puppet cert command is used for the master only. On the client we also recursivley delete the puppet ssl dir. Kind regards, Martin > > -- > T.J. Yang > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
