cat >> /etc/hosts <<EOD 172.16.0.1 puppet.mydomain.com puppet 172.16.0.20 www.mydomain.com www 172.16.0.21 images.mydomain.com images EOD
Node: 服务端进行认证
puppetd --test --server puppet
例 157.1. puppetd
# puppetd --test --server puppet info: Creating a new SSL key for haproxy warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for haproxy info: Certificate Request fingerprint (md5): 91:ED:04:2B:13:8C:61:8F:ED:8E:10:31:CA:8E:5C:06 warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session Exiting; no certificate found and waitforcert is disabled
认证所有的客户端
puppetca -s -a
或者认证某一台客户端
puppetca -l puppetca -sign www.mydomain.com
原文出处:Netkiller 系列 手札
本文作者:陈景峯
转载请与作者联系,同时请务必标明文章原始出处和作者信息及本声明。