That's normal behavior, because the client still retains the cert and
it's still signed with your puppet CA and therefor trusted.
You may want to scrutinize the CRL file, perhaps it's not used properly.
Also try and find out if puppet cert revoke works better than pupet cert
clean wrt. the CRL.
H
Hi,
Thanks for the reply Felix!
I am on 3.3.2!
once i remove the cert with puppet agent clean! I dont see its certificate
in the puppet cert list -all
However, agent can still run the catalog! this is what worries me!!
-Kaustubh
On Friday, December 6, 2013 5:48:01 AM UTC-5, Felix.Frank wrote
Hi,
removing the cert data is one thing, but to make sure the old certficate
cannot be used again, it must be effectively revoked.
The (current) documentation states that puppet cert clean does in fact
revoke the certificate, so you should not be seeing this issue.
Which version of puppet is thi
Ok,
I understood my doubts partially!
When we uninstall puppet agent from windows box, it will not delete the APP
Data folder for puppet which contains the certificates, to generate new
certificate request you need to uninstall puppet agent and delete this
directory.
Further, i understood tha
