Hi,
Can either of these methods send notifications about the problem? Or
do these need to be manually checked?
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe fr
Hello,
Is there a built in way to get notifications about clients which have
not updated in a defined time period?
For example, if a client is configured to poll the master every hour,
and 2 hours elapse without the client polling the master, is there a
way to have the master inform us of this fa
On Aug 25, 5:37 pm, Nigel Kersten wrote:
>
> I may be reading your request incorrectly, but it almost sounds like you
> don't really want to have the Puppet CA at all, and just want to generate
> certificates manually and distribute them yourself.
>
> Would launching all your masters with --no-c
Thanks for the suggestions, these have given us some possibilities to
look at.
Just to be clear: Is there no built in way to force the puppet client
to NEVER retrieve certificates/CA without verifying the certificate
chain first? (without hacking through code)
Thanks again
--
You received this
Hi Nan,
Thanks for the reply. I think I should re-frame the question as I
don't think I was at all clear.
What we are looking for is a way to prevent the puppet agent from ever
sending a request to the master if it cannot verify the certificate
chain. We will handle the secure transfer of certifi
Hello,
We are attempting to set up a completely secure puppet based system.
Puppet's encrypted communications between the master and the client is
ideal, but its client joining and certificate transfer mechanism is
not. The client certificate request and signed certificate response is
vulnerable
