How to reject agent (node) certificate request
233 views
Skip to first unread message
kaustubh chaudhari
Dec 4, 2013, 8:44:04 AM12/4/13
to puppet...@googlegroups.com
Hi,
I am using open source puppet.
How can i reject a certificate request generated by agent on the master.
I can see the cert request in :
puppet cert list
However i wish to reject the request so that next time i run the same command, i dont see the garbage(unwanted requests)
I know this can be done in PE, not sure how to do this from command line!
-Kaustubh
I am using open source puppet.
How can i reject a certificate request generated by agent on the master.
I can see the cert request in :
puppet cert list
However i wish to reject the request so that next time i run the same command, i dont see the garbage(unwanted requests)
I know this can be done in PE, not sure how to do this from command line!
-Kaustubh
Felix Frank
Dec 6, 2013, 5:45:54 AM12/6/13
to puppet...@googlegroups.com
Hi,
have you tried using puppet cert clean for this as well?
According to the docs, it removes all files. This would include the
unwanted CSR.
HTH,
Felix
have you tried using puppet cert clean for this as well?
According to the docs, it removes all files. This would include the
unwanted CSR.
HTH,
Felix
kaustubh chaudhari
Dec 6, 2013, 7:46:19 AM12/6/13
to puppet...@googlegroups.com
Hey Felix,
Yes i have tried that!
puppet cert clean will work only for the accepted CSR. The only way i see is to accept it and then clean it! But this is not right way to do it!
-Kaustubh
Felix Frank
Dec 6, 2013, 8:04:55 AM12/6/13
to puppet...@googlegroups.com
You can always throw away the CSR file manually, but that's obviously
less than ideal.
If nobody pipes up with a correct answer, you may want to check Redmine
for an open feature request and vote on that, or open a new one if none
can be found.
Regards,
Felix
less than ideal.
If nobody pipes up with a correct answer, you may want to check Redmine
for an open feature request and vote on that, or open a new one if none
can be found.
Regards,
Felix
Johan De Wit
Dec 6, 2013, 8:43:42 AM12/6/13
to puppet...@googlegroups.com
Have you tried
puppet cert revoke <hostname>
(see puppet help cert for the man page)
hth
Johan
--
Johan De Wit
Open Source Consultant
Red Hat Certified Engineer (805008667232363)
Puppet Certified Professional 2013 (PCP0000006)
_________________________________________________________
Open-Future Phone +32 (0)2/255 70 70
Zavelstraat 72 Fax +32 (0)2/255 70 71
3071 KORTENBERG Mobile +32 (0)474/42 40 73
BELGIUM http://www.open-future.be
_________________________________________________________
Next Events:
Puppet Fundamentals Training | http://www.open-future.be/puppet-fundamentals-training-10-till-12th-december
Puppet Advanced Training | http://www.open-future.be/puppet-advanced-training-7-till-9th-january
Puppet Fundamentals Training | http://www.open-future.be/puppet-fundamentals-training-4-till-6th-february
Subscribe to our newsletter | http://eepurl.com/BUG8H
puppet cert revoke <hostname>
(see puppet help cert for the man page)
hth
Johan
Johan De Wit
Open Source Consultant
Red Hat Certified Engineer (805008667232363)
Puppet Certified Professional 2013 (PCP0000006)
_________________________________________________________
Open-Future Phone +32 (0)2/255 70 70
Zavelstraat 72 Fax +32 (0)2/255 70 71
3071 KORTENBERG Mobile +32 (0)474/42 40 73
BELGIUM http://www.open-future.be
_________________________________________________________
Next Events:
Puppet Fundamentals Training | http://www.open-future.be/puppet-fundamentals-training-10-till-12th-december
Puppet Advanced Training | http://www.open-future.be/puppet-advanced-training-7-till-9th-january
Puppet Fundamentals Training | http://www.open-future.be/puppet-fundamentals-training-4-till-6th-february
Subscribe to our newsletter | http://eepurl.com/BUG8H
Patrick Ethier
Dec 6, 2013, 8:30:03 AM12/6/13
to puppet...@googlegroups.com
Did you try the puppet node clean and puppet node deactivate functions?
Pat
--To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/52A1CB77.90205%40alumni.tu-berlin.de.
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
kaustubh chaudhari
Dec 6, 2013, 9:34:00 AM12/6/13
to puppet...@googlegroups.com
Hi John and Patrick!
I havent tried puppet cert revoke - i will try that and reproduce if the issue persists.
Yes i have tried puppet node clean and puppet node deactivate, but the moment PuppetDB receives the request .. it update the facts and reports to the same. I do understand this is a normal behavior, we need to purge the node from DB to avoid this.
-Kaustubh
I havent tried puppet cert revoke - i will try that and reproduce if the issue persists.
Yes i have tried puppet node clean and puppet node deactivate, but the moment PuppetDB receives the request .. it update the facts and reports to the same. I do understand this is a normal behavior, we need to purge the node from DB to avoid this.
-Kaustubh
Reply all
Reply to author
Forward
0 new messages