http://serverfault.com/questions/137292/how-can-i-pre-sign-puppet-certificates
“Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin & Hobbes) ----- Gilles <gilles.antone...@gmail.com> wrote: > > Hi, > > We have a specific configuration where Puppet Agents are in an > internet DMZ, Puppet Master is on the LAN and there's no way for > Puppet Agents to connect to the Puppet Master. > > We have opened port 8139 for the Master to establish the connection to > the Agents. > > So, we have the problem for configuration. We need the Agents to > connect to the Master so that the Master can generate the certificate > and accept the Agent request. Usually this is done via the Agent > requesting the Master to sign and accept. > > We need this done the other way, the Master generating signed > certificates for the Agents and distributing the certificates to the > Agents. > > We didn't find the documentation on the specific procedure. > > Thanks for your hints, Regards, > Gilles > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
