You need to add something to the FQDN to make this work properly.
So, it should be something like Puppet CA #{Facter["fqdn"]}_ca"
Trevor
On 7/8/10, Jeff McCune <[email protected]> wrote:
> On Wed, Jun 30, 2010 at 2:22 AM, Trevor Vaughan <[email protected]>
> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Yes, that's why it was a retro fix.
>
> I've verified Trevor's account is the problem and the solution, at least to:
>
> http://projects.puppetlabs.com/issues/1525 and
> http://projects.puppetlabs.com/issues/3770
>
> The current HEAD of master does not have this fix as the default, but
> we do have --ca_name as a configuration option.
>
> I propose we set the default value of the ca_name configuration
> parameter to be "Puppet CA #{Facter["fqdn"]}"
>
> By the way, the code Trevor mentioned doesn't appear to be valid for
> 2.6, I had to specifically configure ca_name to get the desired
> behavior, hacking the source[1] didn't have any effect.
>
> Spaces are fine in the CN field.
>
> [1] -
> http://github.com/reductivelabs/puppet/blob/master/lib/puppet/sslcertificates/ca.rb#L158
>
> Cheers,
> --
> Jeff McCune
> http://www.puppetlabs.com/
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Developers" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/puppet-dev?hl=en.
>
>
--
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699
[email protected]
-- This account not approved for unencrypted proprietary information --
--
You received this message because you are subscribed to the Google Groups
"Puppet Developers" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-dev?hl=en.
