| I wanted to add an example of the issue in case it helps. In the example below you can see that 'puppet config print certname' returns fine when the certname setting is either not used (uses FQDN by default I believe) and also when certname is set in the [main] section of puppet.conf. When it is set in the [agent] section of puppet conf you can see that the original FQDN is returned instead of the certname, despite that the certname setting in this section does work for requesting a cert with that name. No certname setting used (certname, and hostcert and hostprivkey config settings use FQDN as expected)
certname in the agent section (certname, hostcert, or hostprivkey config settings NOT set correctly). In this case I would expect an error or warning that the certname is used in the wrong section since it is not being honored for everything that should use it (you can see that when requesting a new cert be signed it is honored for that action)
certname in the main section (certname, hostcert, and hostprivkey config settings are set correctly) In this case everything works as expected, including the cert request and config settings.
|