Ask Your Question
0

How do I separate CA server from Master server

asked 2013-03-22 20:23:54 -0500

stormmaster gravatar image

I want my CA server separate from my master server. Basically, I want my clients to get the SSL certificate from ServerCA and register with ServerMaster. I changed the puppet.conf on the client and set the puppet master CA = false but the client wont create the SSL.

edit retag flag offensive close merge delete

Comments

Please provide logs from running the agent ("puppet agent -t") and copies of puppet.conf.

domcleal gravatar imagedomcleal ( 2013-03-23 04:30:06 -0500 )edit

Thank you for this link http://docs.puppetlabs.com/guides/scaling_multiple_masters.html#centralize-the-certificate-authority (http://docs.puppetlabs.com/guides/scalingmultiplemasters.html#centralize-the-certificate-authority) (http://docs.puppetlabs.com/guides/scalingmultiplemasters.html#centralize-the-certificate-authority)

stormmaster gravatar imagestormmaster ( 2013-03-25 16:35:13 -0500 )edit

2 Answers

Sort by ยป oldest newest most voted
2

answered 2013-03-25 13:03:13 -0500

It sounds like you're looking to do this: http://docs.puppetlabs.com/guides/scaling_multiple_masters.html#centralize-the-certificate-authority (http://docs.puppetlabs.com/guides/scalingmultiplemasters.html#centralize-the-certificate-authority)

The missing step that I think is causing the failure, is that your agents will need ca_server set in their puppet.conf to have the name of your serverCA.

edit flag offensive delete link more

Comments

We followed everything in the link and changed the puppet.conf but it still is not working. The CA gives us the certificate but the Puppet Master errors out.

stormmaster gravatar imagestormmaster ( 2013-04-04 12:44:46 -0500 )edit

I too facing the same issue. My supposed to be the CA Master receives the certificate sign request, but the agent does not show up on Master (where Console/dashboard running). Instead it shows on CA server's dashboard as a node which is not responding.

schowdh gravatar imageschowdh ( 2014-10-22 13:21:20 -0500 )edit
0

answered 2016-01-17 02:09:46 -0500

Amim gravatar image

I am experiencing similar issue. was this resolve? can you please share?

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

2 followers

Stats

Asked: 2013-03-22 20:23:54 -0500

Seen: 2,220 times

Last updated: Jan 17 '16