Friday, 18 September 2015

Regenerate SSL Certs on Puppet Master

SSL: Regenerating All Certificates in a Puppet Deployment

backup ssl dir
/var/lib/puppet/ssl

Stop the Puppet agent service
/etc/init.d/puppetmaster stop

Stop the Puppet master service
/etc/init.d/apache2 stop

Locate Puppet’s ssldir
puppet config print ssldir

Delete all files in the ssldir
rm -r /var/lib/puppet/ssl

Regenerate the CA by running
uppet cert list -a

Generate the Puppet master’s new certs
puppet master --no-daemonize --verbose

When you see Notice: Starting Puppet master <your Puppet version>,
type CTRL + C

Start the Puppet master service
/etc/init.d/puppetmaster start

Start the Puppet agent service
/etc/init.d/apache2 start

Ref : -
http://docs.puppetlabs.com/puppet/3.7/reference/ssl_regenerate_certificates.html

No comments:

Post a comment