Re: [Puppet Users] Subject Alternate Names for Puppet SSL

2015-04-16 Thread Christopher Wood
On Thu, Apr 16, 2015 at 04:23:40PM +, Peter Berghold wrote: >Where I'm having the issue is on my master.   > >To generate and sign a cert for the master I ran: > puppet cert generate {hostname}.domain.tld  --allow-dns-alt-names >  > --dns_alt_names={hostname}.domain.tld,{hostna

Re: [Puppet Users] Subject Alternate Names for Puppet SSL

2015-04-16 Thread Peter Berghold
On Thu, Apr 16, 2015 at 11:59 AM Christopher Wood < christopher_w...@pobox.com> wrote: > > Now obviously nobody asked you about this infrastructure, but have you > explained that connecting to the correct interface is more about routing > and dns than ssl? And since you're asking for thoughts, you

Re: [Puppet Users] Subject Alternate Names for Puppet SSL

2015-04-16 Thread Peter Berghold
Where I'm having the issue is on my master. To generate and sign a cert for the master I ran: puppet cert generate {hostname}.domain.tld --allow-dns-alt-names --dns_alt_names={hostname}.domain.tld,{hostname}-eth1.domain.tld,{hostname}.sub.domain.tld,{hostname}-eth1.sub.domain.tld substitutin

Re: [Puppet Users] Subject Alternate Names for Puppet SSL

2015-04-16 Thread Christopher Wood
Which option did you take? I picked the load balancer option with a single CA (worked for me), so I needed: 0) configure puppet.conf on the agent hosts server = lbname.me.com ca_server = capm.me.com 1) Subject Alternative Name certs on the puppetmasters First agent run (on pm1.me.com) using:

[Puppet Users] Subject Alternate Names for Puppet SSL

2015-04-16 Thread Peter Berghold
Is there a more up to date process for this process than this page? https://docs.puppetlabs.com/guides/scaling_multiple_masters.html I followed this process and now have a dead puppet. Glad I made backups of the SSL directory. What I'm trying to accomplish is due to an architecture that was force