Hi, Thanks for the reply Felix!
I am on 3.3.2! once i remove the cert with puppet agent clean! I dont see its certificate in the puppet cert list -all However, agent can still run the catalog! this is what worries me!! -Kaustubh On Friday, December 6, 2013 5:48:01 AM UTC-5, Felix.Frank wrote: > > Hi, > > removing the cert data is one thing, but to make sure the old certficate > cannot be used again, it must be effectively revoked. > > The (current) documentation states that puppet cert clean does in fact > revoke the certificate, so you should not be seeing this issue. > > Which version of puppet is this? > > Regards, > Felix > > On 12/04/2013 07:50 PM, kaustubh chaudhari wrote: > > Ok, > > > > I understood my doubts partially! > > > > When we uninstall puppet agent from windows box, it will not delete the > > APP Data folder for puppet which contains the certificates, to generate > > new certificate request you need to uninstall puppet agent and delete > > this directory. > > > > Further, i understood that puppetdb will deactivate the nodes but it > > will not delete/purge it, to purge we need set |"||node-purge-ttl||"| in > > the puppetdb config. > > > > What i was not able to understand is if i have removed the agent > > certificates from the puppet master "puppet cert clean wintest" why the > > request is getting accepted by master? > > > > Can someone please help me to understand this! > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/4be5241e-a852-4b81-b024-4d474c4fb0e9%40googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.