Tuesday, July 29, 2008

puppet and key management

If you need to set up a system again that has already been managed by puppet, some additional steps are required.
First you need to remove the old key from the puppetmaster:

puppetca --clean <hostname>

Then you may set up the old system from scratch.

After puppet has started on the rebuilt system, use the puppetca command on the puppetmaster to look at and sign the new key.

If puppetca --list does not show the new host key, run the following steps:

1. Remove the ssl keys from the puppet client.
2. Start puppet on the client.
3. Run puppetca --list on the puppetmaster.
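
The sign step above as a script for the puppetmaster, added here as an example (it is not from the original post): it signs a request only when exactly the expected hostname is pending, and otherwise points back at the three fallback steps. The function names, the retry values and the assumed puppetca --list output (one pending host per line, optionally quoted and followed by a fingerprint) are assumptions.

```shell
#!/bin/sh
# Added example, run on the puppetmaster after `puppetca --clean <hostname>`
# and after the client has been rebuilt and puppet started on it.
# Assumption: `puppetca --list` prints one pending host per line, either bare
# or as "host" (fingerprint).

# csr_pending HOST: return 0 only if HOST itself is in the pending list.
# The comparison is an exact string match, so web1.example.com does not
# match a pending request from web10.example.com.
csr_pending() {
    puppetca --list 2>/dev/null | tr -d '"' |
        awk -v h="$1" '$1 == h { found = 1 } END { exit !found }'
}

# sign_when_pending HOST [TRIES] [DELAY]: poll the pending list and sign
# the request for HOST once it appears. Returns 2 if it never shows up.
sign_when_pending() {
    host=$1
    tries=${2:-5}     # hypothetical default: 5 polls
    delay=${3:-10}    # hypothetical default: 10 seconds between polls
    i=0
    while [ "$i" -lt "$tries" ]; do
        if csr_pending "$host"; then
            # Sign the named host only, never everything that is waiting.
            puppetca --sign "$host"
            return $?
        fi
        i=$((i + 1))
        sleep "$delay"
    done
    echo "no pending key for $host:" >&2
    echo "  1. remove the ssl keys on the client" >&2
    echo "  2. start puppet on the client" >&2
    echo "  3. run puppetca --list here again" >&2
    return 2
}
```
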