In the open source setup i have only one server and client. In this setup i am unable to create ceriticate for my client - sys-server with the server - Puppet
the client Puppet.conf : is
[main] logdir=/var/log/puppet vardir=/var/lib/puppet ssldir=/var/lib/puppet/ssl rundir=/var/run/puppet factpath=$vardir/lib/facter templatedir=$confdir/templates prerun_command=/etc/puppet/etckeeper-commit-pre postrun_command=/etc/puppet/etckeeper-commit-post [master] # These are needed when the puppetmaster is run by passenger # and can safely be removed if webrick is used. ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY ca_server = puppet
In this the ca_server is specified as puppet which is the server hostname.
I get this errror on cleint when trying to create the ceritficate
lakshmi@puppet:/etc/puppet$ sudo puppet certificate sign --ca-location=local sys-server Error: This process is not configured as a certificate authority Error: Try 'puppet help certificate sign' for usage