...
After a new puppetserver is installed it needs SSL-certificates which contains the puppetmaster name as an DNS-ALT name in addition to the nodes hostname. This certificate is not created manuallyautomatically, so the following procedure has to be performed on the new puppetmaster and the puppetca.
...
| Code Block | ||
|---|---|---|
| ||
root@newpuppetmaster:~# systemctl stop puppetserver root@newpuppetmaster:~# rm -r $(puppet master --configprint ssldir) root@puppetca:~# puppetpuppetserver certca clean --certname newpuppetmaster.fqdn.com root@newpuppetmaster:~# puppet agent --test --waitforcert 10 root@puppetca:~# puppetpuppetserver certca sign --certname newpuppetmaster.fqdn.com --allow-dns-alt-names |
Deploy environments from shiftleader
...