Got the following error "certificate is not yet valid for /CN=Puppet CA: " when doing a puppet run after registering a client with the puppet master.
I have a puppet client node whose date/time is persistently set in the past for stress test purposes. Unfortunately this time precedes the "NOT BEFORE" time validity parameter of the CA certificate which is used to sign the client certificate. I can not move the date forward on the client node, and I have hundreds of other clients using the puppet master, so I cannot regenerate the CA certificate with new start and end dates. Is there a way to sign the client CSR such that the client will not fail to do a puppet run because the dates of the CA cert of the puppet master fall after the current set date of the puppet client?