Ask Your Question

Migrate ssl certs to new master

asked 2015-05-21 19:40:15 -0600

Cornellion gravatar image

Is it possible to copy SSL agent certs from an existing master running Puppet 2.7 to a new master running Puppet 3.8? I would like to point our existing agents to the new master without having to redo the cert requests.

I tried copying <agentname>.pem files to the below paths but have no luck:

edit retag flag offensive close merge delete


Thank you. Good guide but lacking version info. That method fails with 2.7 clients talking to 3.8 master. Will try with a 3.3 master. (Using using new ask account)

Cornellio gravatar imageCornellio ( 2015-05-27 12:45:42 -0600 )edit

1 Answer

Sort by » oldest newest most voted

answered 2015-05-22 10:42:47 -0600

millerjl1701 gravatar image

updated 2015-05-22 15:18:26 -0600

Given all the issues with SHA1 certificates and SSL since 2.7 was release, you might be better off redeploying a new CA/client certificates than to move the old CA over... Check out this for some thoughts on how to do so: link:ssl regenerate certificates

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2015-05-21 19:40:15 -0600

Seen: 349 times

Last updated: May 22 '15