Hi, I do have a certain host that I use for testing. It thus gets deleted and re-created (in Foreman) over and over again. Eventually, rebuilding the host times out at the puppet cert clean state.
Foreman issues "puppet cert clean FQDN". When I invoke that from the command line, I get "Notice: Revoked certificate" for a number of serials, filling screens: Notice: Revoked certificate with serial 4898 Notice: Revoked certificate with serial 4903 Notice: Revoked certificate with serial 4904 Notice: Revoked certificate with serial 4945 Notice: Revoked certificate with serial 4946 Notice: Revoked certificate with serial 5149 When the foreman cert clean has eventually finished, the foreman-proxy has timed out in the mean time, and the build fails. Repeating the puppet cert clean results in the same serials being revoked again and again. Is there a method to clean up the puppet CA so that puppet cert clean doesn't try revoking certificates that do no longer exist at all? There is no file matching the FQDN in /var/lib/puppet/ssl at all. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/20180422143251.i5t7v77ed3el5p7e%40torres.zugschlus.de. For more options, visit https://groups.google.com/d/optout.