Hello, I'm new to Puppet and evaluating it against Cfengine and Chef for the management of multiple thousands of Ubuntu desktops. The desktops can be reinstalled at any time by technical site operators and they may or may not change the computer name. This happens fairly often and if the name stays the same, I get:
err: Could not request certificate: The certificate retrieved from the master does not match the agent's private key because the desktop's SSL certificate changes when the desktop is rebuilt. To solve this problem I need to go on the server and do a: puppet cert clean <fqdn of client> But this is not practical in an environment where many computers can be reinstalled at any time. Is there a solution to this ? Can the agent tell the master to clean the key for its hostname ? I do not have this issue with cfengine, because the identifier is simply the MD5 of the certificate, not the hostname. I just need to cleanup the list of unused certificates on the server side every once in a while. Thanks, Jerome -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/H5apxlHZdxoJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
