more puppet certificate tips

puppet master:

  • remove client cert:

        puppet cert -c <hostname>
        or
        puppet cert clean <hostname>
  • list certs:

    puppet cert -l <hostname>
  • sign a cert:

    puppet cert sign <hostname>

client:

  • find the cert dir (usually * /var/lib/puppet/ssl/certs * )

    puppet --genconfig | sed -n 's/.* certdir = _p'
  • remove certs:

    rm -rf /var/lib/puppet/ssl
  • generate certs:

        puppet agent --test
or:
        puppet certificate generate hostname.domain --ca-location remote
  • test:

    puppet agent --test --noop