I forgot the finishing touch: On the puppet master: /etc/puppet/auth,conf
Added the lines: # allow workstation REST API access path / allow workstation.example.org and restarted the puppet master ! As I get familiar with the API, I would probably want to add some method restrictions. “Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.” Bill Waterson (Calvin & Hobbes) ----- Original Message ----- From: "Dan White" <y...@comcast.net> To: puppet-users@googlegroups.com Sent: Monday, November 18, 2013 9:37:25 AM Subject: Re: [Puppet Users] (ANSWERED IT MYSELF!) How do I generate a certificate to use the REST API ? On the puppet master: puppet cert generate workstation.example.org Then I copied the following from the puppet master to my workstation: The public and private keys for my workstation ( workstation-publickey.pem / workstation-privatekey.pem ) The certificate for my workstation ( workstation-cert.pem ) The public key for the puppet master ( puppetmaster-publickey.pem ) On my workstation, curl --insecure -H 'Accept: s' https://puppetmaster.example.org:8140/production/certificate/ca > curl-ca-bundle.crt cat puppetmaster-publickey.pem >> curl-ca-bundle.crt THEN !! curl --cert workstation-cert.pem \ --key workstation-cert.pem \ --cacert curl-ca-bundle.crt \ -H "Accept: yaml" https://puppetmaster.example.org:8140/dev/status/devnode001.example.org WORKED !! I am going to bundle up everything up to the "-H" into an alias. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/774872178.4600520.1384785845284.JavaMail.root%40sz0126a.westchester.pa.mail.comcast.net. For more options, visit https://groups.google.com/groups/opt_out.
