On May 19, 2011, at 7:37 AM, Arnau Bria wrote: > Hi all, > > till today we had a *.our.doamin in autosign.conf. So any host from > our.domain could get a signed certificate if it contacts our master. > But we've decide to move that "*" to a complet list of hostnames. > > So, I've pasted all the names to autosign file, restarted master (not > sure if needed) So far, so good. So, I removed one name from autosign > file, clean its cert, and ran puppet on the host, but it's still able > to contact master and get its catalogue when it's supposed to get any > kind of error. > > So, how is it possible? where am I'm missunderstanding autosign > behiavour?
1) Are you sure you want this? Sounds like a bad idea. 2) As the documentation you have open shows, you can get the same effect by setting "autosign = true" 3) Try "*.*" instead. I think I remember Puppet won't work with just an asterisk. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
