[Pkg-puppet-devel] Bug#514550: cannot use different certnames for puppetmaster/puppet on the same host

Matthew Palmer mpalmer at debian.org
Sun Feb 8 21:51:06 UTC 2009


On Sun, Feb 08, 2009 at 10:16:57PM +0100, martin f krafft wrote:
> also sprach Matthew Palmer <mpalmer at debian.org> [2009.02.08.2203 +0100]:
> > That's how I do it (puppetmaster SSL in a separate directory),
> 
> I'd like that to be default!

And I'd like a pony.

I'm not the package maintainer, so exclaiming at me isn't going to help your
case any.  I'm merely stating that this configuration *can* work, and has
worked for me in production environments, so you can use that argument if
anyone says "that's not possible", or wants a reference implementation.

> > but you could also set an altName on the cert (there's an option
> > for it somewhere in the Great Pile, but I can't remember what it
> > is), so that your Puppetmaster's cert was for both vera and
> > puppetmaster.
> 
> Why use one cert when you can use two though?

Why use two when you can use three though?

- Matt






More information about the Pkg-puppet-devel mailing list