Ask Your Question
0

trusted web certificate

asked 2017-09-29 13:06:38 -0500

Hello, I am new to Puppet but not to Linux. I would like to do the simple task of securing the web interface of the Puppet master like https://puppet-master.mycompany.com. Of course the browser warns me the site is not secure and signed by Puppet Enterprise CA.

Is there a straight forward way to get Puppet to configure NGNIX web server with a proper CA (Verisign or Thawte) or do i need to go in as root and take care of it there?

Thanks

edit retag flag offensive close merge delete

1 Answer

Sort by » oldest newest most voted
0

answered 2017-09-30 11:52:28 -0500

DarylW gravatar image

A few possible solutions.

You could use your own proxy, configured to send traffic to the puppet master, configured as you mentioned, using the appropriately signed certs. You could either do that from an already existing proxy server, or from the same node (go in there as root). This would allow a web browser to work correctly, but it may interfere with puppet’s certificate process if you are trying to use it for master/agent communication.

If you are using puppet on your own internal network, you could add your puppet master’s CA cert to your companies bowsers trusted CA veers.

Also, I found a reference for supplying your own, possibly externally signed certs - https://docs.puppet.com/pe/latest/ext...

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2017-09-29 13:06:38 -0500

Seen: 38 times

Last updated: Sep 30