vRO + Puppet + API Security
Hello we have puppet managed by our Unix team and vRO managed by our VMware team. We would like to have puppet install the agent on new server builds and then sign the certificates on both after the fact. The problem is the Unix team does not want to save root permissions on the vRO appliance. Therefore how are we able to sign the certificate on the new server and the puppet master?
I was wondering if the web API had a way to do a curl call to sign the certificate of a server. Is this possible? If so we would be able to do that and not use the root permissions at all.
thanks in advance!