On Tue, Sep 14, 2010 at 11:53 AM, M C <maem...@gmail.com> wrote: > Restarting the puppet master with the certdnsname option set did not change > the certificate in /var/lib/puppet/ssl/certs/admin.baz.bar.com at all. > > My understanding from the documentation is that the issue was with ca.pem.
If that's the case, the options I provided wasn't addressing the right certificate. Is that not the case? Is there some trick to get puppet to regenerate the > certs properly? From what I've been able to find, this seems to be at least > partially related to Bug #4226. If the problem is related to 4226, you just need to specify ca_name option when running puppetmaster for the first time. Once the ca.pem file is created it won't replace it: puppetmasterd -v --ca_name="Puppet CA puppet.bar.com" Issuer: CN=Puppet CA puppet.bar.com ... X509v3 Key Usage: Certificate Sign, CRL Sign I would backup the ssl directory first. Thanks, Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.