If you are using SRV records I would recommend just using the fqdn of the
server for the certs as it is pretty easy to point the SRV records to that
anyway. Then you can even reuse the agent cert as it has the necessary bits
to be used as a server cert.
On 18 July 2014 23:27, Paul Seymour wrote:
Hello,
Just looking for a little "best practice" advice.
If I am using DNS SRV records to load-balance and use multiple Puppet
Masters, and CA servers (certificate data is sync'ed) which is the best
recommended way of generating the master certificate ?
So I set certname in the [master] sectio
