This may be a crazy question, but do we have to keep the generated client certs on the puppetca? What would be the harm in deleting them?
I ask because we have our puppetca geographically redundant, and we keep the certs synced with our old friend rsync. If we didn't even try to store the certs, we wouldn't have to keep them in sync. We could run the CAs active-active. I'm pretty sure puppet-agent and server will continue to work just fine, right? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
