Puppet Autosigning

From Kyle's Wiki

Jump to: navigation, search

Puppet autosigning makes it so you don't have to run "puppet cert sign" whenever you have a new client connecting.

But it can be dangerous depending on who you let connect to your puppet master server.

Put this in /etc/puppet/autosign.conf

hostname.domain.com
*.secure.domain.com

You can add arbitrary hosts and wildcards in this file. They are ready immediately when a client connects (no need to restart puppetmaster).

Reference

http://projects.puppetlabs.com/projects/1/wiki/Certificates_And_Security

Retrieved from "http://wiki.xkyle.com/index.php?title=Puppet_Autosigning&oldid=1766"

Puppet

Personal tools

Log in

Efforts

Toolbox

Meta