If this is a new node being created through some sort of automation procedure (kickstart, etc..) I'd look into generating your certs. You can then, as part of the procedure, simply copy them to your puppet client & server. This is how we do it within kickstart, which was actually pretty easy to setup.
Regards, Bill On Wed, Feb 3, 2010 at 12:05 PM, Daniel <[email protected]> wrote: > You're right. Should have spent some more minutes thinking about it. > It's been a long day... > > On Wed, Feb 3, 2010 at 8:26 PM, Scott Smith <[email protected]> wrote: >> Daniel wrote: >>> >>> Why not create a class or define containing your keys and run puppetd >>> only with the related tag? This would only install your certificates >>> but it requires you pre-generate the keys and certs on the >>> puppetmaster. >>> >> >> Without the private key, a certificate is useless. :( Also, how will the >> client get the manifest without authenticating itself? >> >> -scott >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> >> > > > > -- > > Cheers, > > Daniel > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
