Puppetmaster Quickstart

On the agent:

puppet agent --server puppet.xkyle.com

On the server: See incoming certs waiting to be signed:

$ puppetca list
archive.xkyle.com (B1:2E:B2:2E:F4:D1:F6:31:10:FF:D9:95:A9:AF:F3:F1)

Now sign the client cert:

$ puppet cert sign archive.xkyle.com
notice: Signed certificate request for archive.xkyle.com
notice: Removing file Puppet::SSL::CertificateRequest archive.xkyle.com at '/var/lib/puppet/ssl/ca/requests/archive.xkyle.com.pem'

Optionally sign them all to save typing:

$ puppet cert sign --all

Optional: Setup Puppet Autosigning to skip manually signing new clients.

Now the client (in this case localhost, but whatever) can pull manifests from the server.