8K node infrastructure and CA setup
41 views
Skip to first unread message
Corey Osman
Jun 8, 2015, 10:25:42 PM6/8/15
to Puppet Users
Has anybody used this setup before? Any caveats?
https://docs.puppetlabs.com/puppet/3.8/reference/config_ssl_external_ca.html#option-3-two-intermediate-cas-issued-by-one-root-ca
Does this still apply when using puppet server 2.1?
Corey
https://docs.puppetlabs.com/puppet/3.8/reference/config_ssl_external_ca.html#option-3-two-intermediate-cas-issued-by-one-root-ca
Does this still apply when using puppet server 2.1?
Corey
Trevor Vaughan
Jun 9, 2015, 12:07:17 AM6/9/15
to puppet...@googlegroups.com
Hi Corey,
That setup should work just fine and be even easier now that everything has a solid set of certs that don't cross over at all.If you're using PE, be sure to properly generate your role certificates that are used by the Console, ActiveMQ, etc...
Trevor
Corey
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/7E32D1B6-A700-4643-B210-BD0F28738B9C%40logicminds.biz.
For more options, visit https://groups.google.com/d/optout.
--
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699
tvau...@onyxpoint.com
-- This account not approved for unencrypted proprietary information --
Vice President, Onyx Point, Inc
(410) 541-6699
tvau...@onyxpoint.com
-- This account not approved for unencrypted proprietary information --
Corey Osman
Jun 9, 2015, 11:00:09 AM6/9/15
to puppet...@googlegroups.com
In that diagram can you have a HA Master CA setup and HA Agent CA setup where there is a master and agent CA in each datacenter, but served by a VIP/Proxy/SRV record? Not exactly sure how CAs work when it comes to redundancy.
Corey
Reply all
Reply to author
Forward
0 new messages