Hi Tom, On Tue, 2011-10-25 at 11:20 +0200, Tom De Vylder wrote: > Hi all, > > Is there a more elegant way to regenerate the Puppet master > certificate than what's described in the CVE-2011-3872 toolkit?
You're talking about generating a master cert or a master CA cert? > > If you can maintain a secondary shell session to the puppet master > server, you can start a WEBrick master with puppet master > --no-daemonize --verbose and stop it with ctrl-C. > > If you prefer to only maintain one shell session, you can start a > WEBrick master with puppet master and stop it with kill $(cat $(puppet > master --configprint pidfile)). > Source: README.pdf inside the toolkit. > > I used to be able to do this by running 'puppetca'. But ever since > puppetca isn't available anymore I can't seem to find any information > on how to do it instead. Puppetca is now called "puppet cert". > Well other than what's described above that is. But that's not > feasible in an automated fashion. I'd like to deploy a second puppet > master. -- Brice Figureau Follow the latest Puppet Community evolutions on www.planetpuppet.org! -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
