These are held in the CA inventory .../puppet/ssl/ca/inventory.txt See https://ask.puppet.com/question/25818/how-to-manage-size-of-inventorytxt/ for a discussion about cleaning it up, but essentially - delete your test host entries here
John On 23 April 2018 at 00:32, Marc Haber <mh+puppet-us...@zugschlus.de> wrote: > Hi, > > I do have a certain host that I use for testing. It thus gets deleted > and re-created (in Foreman) over and over again. Eventually, rebuilding > the host times out at the puppet cert clean state. > > Foreman issues "puppet cert clean FQDN". When I invoke that from the > command line, I get "Notice: Revoked certificate" for a number of > serials, filling screens: > > Notice: Revoked certificate with serial 4898 > Notice: Revoked certificate with serial 4903 > Notice: Revoked certificate with serial 4904 > Notice: Revoked certificate with serial 4945 > Notice: Revoked certificate with serial 4946 > Notice: Revoked certificate with serial 5149 > > When the foreman cert clean has eventually finished, the foreman-proxy > has timed out in the mean time, and the build fails. Repeating the > puppet cert clean results in the same serials being revoked again and > again. > > Is there a method to clean up the puppet CA so that puppet cert clean > doesn't try revoking certificates that do no longer exist at all? > > There is no file matching the FQDN in /var/lib/puppet/ssl at all. > > Greetings > Marc > > -- > ------------------------------------------------------------ > ----------------- > Marc Haber | "I don't trust Computers. They | Mailadresse im Header > Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402 > Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421 > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/puppet-users/20180422143251.i5t7v77ed3el5p7e%40torres.zugschlus.de. > For more options, visit https://groups.google.com/d/optout. > -- John Warburton Ph: 0417 299 600 Email: jwarbur...@gmail.com -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAAJLFxVctYSeKEz9whgUERnQBw7WqZ%3DxBoCuMA9vM2jkuiooog%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
