Ask Your Question
1

revoked ssl-certs of client

asked 2015-02-06 01:22:49 -0500

duck304 gravatar image

Hi All,

I can revoke and clean the client certificate, but I can still get the catalog and update configuration of the client and applying that on the agent.

I want to use CRL.pem but I don't know how.

Can somebody help me??

edit retag flag offensive close merge delete

Comments

Please post a link to a pastebin of the commands that you're running on the master and agent with a pointer to where you don't see the expected behavior. That will make it easier to troubleshoot this problem.

GregLarkin gravatar imageGregLarkin ( 2015-02-06 10:51:41 -0500 )edit

Here is my pastebin http://pastebin.com/4kGzk5km

duck304 gravatar imageduck304 ( 2015-02-10 09:20:37 -0500 )edit

1 Answer

Sort by ยป oldest newest most voted
1

answered 2015-02-11 10:55:18 -0500

GregLarkin gravatar image

You will have to perform some additional steps to deactivate the node and prevent it from connecting to the master again. Only revoking the certificate on the master is part of the process, but there are more steps to take.

Please have a look at https://docs.puppetlabs.com/pe/latest/node_deactivation.html to see the whole process.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2015-02-06 01:22:49 -0500

Seen: 73 times

Last updated: Feb 11 '15