Hi, suppose puppet-old.domain is a CNAME pointing to puppet-new.domain, and puppet-new.domain is running Apache (for SSL) with mod_proxy_balancer to balance over some 10 puppetmaster processes. The configured SSLCertificateFile in Apache is that of puppet-new.domain
How do I get a node to stop complaining when connecting to puppet-old.domain (ending up at puppet-new.domain through the CNAME)? node# puppetd --test --server=puppet-old.domain err: Could not retrieve catalog from remote server: hostname was not match with the server certificate warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run I tried fiddling with certdnsnames on both the server side and the client side, but without effect. The reason I want this to work is because I want to be able to remove the puppet-old server without having to wait for every single node. There are dozens who haven't connected to the puppet-old server in quite a while for various reasons (down, hanging puppetd, network issues, ...), and I'm sure most of them will after a reboot, but I'd like to redirect those to the puppet-new server without having to keep the puppet-old server running. Robert Scheer XS4ALL Systeembeheer -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.