I understand that only the CA cert needs to be copied on the LB and not the private key, as the private key is just for signing the agents certificates. Just wanted to note that the CA also needs SSLCARevocationFile, for revocation to work it seems. The only other concept that is not clear to me is why the CA keeps all the signed agents certs? Is there any need for that.
-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/fchvaTsXZ7MJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
