-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi
> 1. Start the production puppet master as usual. This will be your CA. > 2. In your development puppet master, set ca = false and ca_server = > production.hostname in puppet.conf in the puppetmasterd section. Also > set server = production.hostname in the puppetd section. > 3. In your development puppet master, run puppetd first! This is > needed to generate the certificates and request the CA to sign them. > If you start puppetmasterd first it will fail. > 4. Sign the development puppet master certificate on your production > puppet master or set autosign. > 5. Once the certificate is signed, re-run puppetd to verify. > 6. Start the development puppet master. > 7. In your development clients, set ca_server = production.hostname to > have the production puppet master sign their certificates since its > your only CA. would be awesome if you could document that on the wiki. cheers pete -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAksK+QAACgkQbwltcAfKi3/qiACgioznQvrbmf6jbhJKajqaaLOx p9kAnjLvuFNhG5jbcEShnjUiCjCuINyt =Jf/T -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=.
