HI Doug, I am also facing the same issue after following the steps from the book. I tried with nginx and passenger and i mentioned it on the following post.
http://groups.google.com/group/puppet-users/browse_thread/thread/44bc89455ccc311a# Regards, Kevin > > > > > > > > Douglas Garstang wrote: > > > Well, this is frustrating. > > > > Let's say I have two puppet masters, where one is active, and the other > > > is a hot stand by. Obviously each is going to have a different FQDN. > > > Everything will work fine when the client talks to the server that > > > signed it's certificate. However, after a failover to the secondary > > > master, it's all going to fail because the FQDN of the master will not > > > match. > > > > I've been searching around, reading the mailing list, and am surprised > > > to find very little information on this. The new "Pro Puppet" book skims > > > over this detail. You'd think they'd have some proof it before selling > > it. > > > Douglas > > > Did you read the chapter carefully? The Front End Load Balancer > > Configuration section explains this pretty clearly. > > Several times. Starts on page 99. Can't find any reference to it. > > Also, I'd like to point out, that the book talks initially about setting up > a separate primary and secondary CA, but after mentioning that these should > go on a separate server, only details how to do it on the puppet master. > Putting the CA function on a different server is not a trivial thing and I > spent a few hours yesterday reading between the lines, trying to work out > how to put in on a separate server, and finally gave up about 1am this > morning. > > Doug. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
