If it helps I did a bit of a Gist walkthrough of the full cert recreation etc. using puppet cert generate here: https://gist.github.com/kbarber/5934100 ...
On Fri, Jul 5, 2013 at 1:00 PM, Ken Barber <k...@puppetlabs.com> wrote: >> I have a standard Puppet 2.7 configuration installed from Gem on Ubuntu >> 12.04, running behind Apache. >> >> I'm testing the reprovisioning of the puppet master from scratch in Vagrant >> and ran into a little snug - apache configuration points to a puppet >> ca_crl.pem file which doesn't exist, so apache refuses to start. > > Have you tried just using 'puppet cert generate <mymaster_name>' to > populate the initial certificates? I don't have a 2.7.x around, but > for 3.x it repopulates all the missing certificates it seems including > ca_crl.pem. > >> The puppet master documentation says that it'll automatically generate this >> file if it isn't present, but I need a way to get it generated automatically >> before apache tries to start. > > Yes, and it does - when you start it standalone using webrick (ie. > puppet master --no-daemonize --debug --log console ... or something > will probably do the trick). But the SSL offloading to Apache kind of > breaks this as you've mentioned. > > ken. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
