On Thu, Nov 11, 2010 at 11:53 PM, Derek J. Balling wrote:
>
> On Nov 11, 2010, at 6:26 PM, donavan wrote:
>> From your comment in #3958 I think autosign[1] with "*.domain.tld"
>> would work for you.
>
> Nope. Because "autosign" doesn't also "auto-overwrite".
Actually it has meant that in some ver
Derek J. Balling wrote:
> It's just ugly. Like I said in my ticket notes, I'll concede that for
> some people, it's a necessity, but there's clearly also a set of
> people for whom it is just unnecessary pain and suffering.
>
It's been my experience that SSL (or the requirement for some form of
t
Hi Derek,
2010/11/12 Derek J. Balling
> [...]
> Nope. Because "autosign" doesn't also "auto-overwrite".
>
> - New Host "foo001.domain.tld" is created
> - Certs are exchanged for foo001 with the puppetmaster, life is good,
> autosigned
> - Host foo001.domain.tld is retired
> - Replacement Host "f
On Nov 11, 2010, at 6:26 PM, donavan wrote:
> From your comment in #3958 I think autosign[1] with "*.domain.tld"
> would work for you.
Nope. Because "autosign" doesn't also "auto-overwrite".
- New Host "foo001.domain.tld" is created
- Certs are exchanged for foo001 with the puppetmaster, life is
