On May 19, 2011, at 7:37 AM, Arnau Bria wrote: > Hi all, > > till today we had a *.our.doamin in autosign.conf. So any host from > our.domain could get a signed certificate if it contacts our master. > But we've decide to move that "*" to a complet list of hostnames. > > So, I've pasted all the names to autosign file, restarted master (not > sure if needed) So far, so good. So, I removed one name from autosign > file, clean its cert, and ran puppet on the host, but it's still able > to contact master and get its catalogue when it's supposed to get any > kind of error. > > So, how is it possible? where am I'm missunderstanding autosign > behiavour? > > # puppetmasterd --genconfig|grep autosign > # Whether to enable autosign. Valid values are true (which > # autosigns any key request, and is a very bad idea), false (which > # never autosigns any key request), and the path to a file, which > # The default value is '$confdir/autosign.conf'. > autosign = /etc/puppet/autosign.conf > > # wc -l /etc/puppet/autosign.conf > 660 /etc/puppet/autosign.conf > # grep tditaller027.pic.es /etc/puppet/autosign.conf > # > > [root@tditaller027 ~]# puppetd --test --server ser01.pic.es > info: Retrieving plugin > info: Loading facts in odd_ip > info: Loading facts in odd_ip > info: Caching catalog for tditaller027.pic.es > info: Applying configuration version '1305815351' > notice: Finished catalog run in 33.76 seconds > > # rpm -qa|grep puppet > puppet-2.6.1-0.6.el5 > puppet-server-2.6.1-0.6.el5 > > same version on client.
Sorry. I ready your whole email backwords. I can only blame being tired. Did you clean using "puppetca --clean hostname" on the server, by using "rm" on the client, or both? Are you using Passenger? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
