On Wed, Jan 4, 2012 at 12:12 PM, Christopher Johnston <chjoh...@gmail.com> wrote: > My inventory server is a puppetmaster, but its master of itself and is only > being using for inventory services. If I point new clients to it will work > fine. > > So think of my setup like this: > > puppet1.company.com and puppet2.company.com are two dedicated servers in > each datacenter that handle local client connectivity only. By using > certname=puppet I can copy the same CA to puppet2.company.com and support > failing over if the primary server goes down. This setup is mimic'ed in > about 20 other sites. > > The inventory server is a remote puppet master sitting in a backoffice > datacenter that is setup with mysql and puppet dashboard to receive reports > and inventory services from all 40 of the masters. > > So with this current arrangement how would I go about making sure the > inventory server has a cert that is signed by the 40 other CAs.
Certificate chain is an outstanding bug, so at the moment one CA sign all puppet master + inventory server cert. Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
