Ask Your Question

How do I separate CA server from Master server

asked 2013-03-22 20:23:54 -0600

stormmaster gravatar image

I want my CA server separate from my master server. Basically, I want my clients to get the SSL certificate from ServerCA and register with ServerMaster. I changed the puppet.conf on the client and set the puppet master CA = false but the client wont create the SSL.

edit retag flag offensive close merge delete


Please provide logs from running the agent ("puppet agent -t") and copies of puppet.conf.

domcleal gravatar imagedomcleal ( 2013-03-23 04:30:06 -0600 )edit

Thank you for this link ( (

stormmaster gravatar imagestormmaster ( 2013-03-25 16:35:13 -0600 )edit

2 Answers

Sort by ยป oldest newest most voted

answered 2013-03-25 13:03:13 -0600

It sounds like you're looking to do this: (

The missing step that I think is causing the failure, is that your agents will need ca_server set in their puppet.conf to have the name of your serverCA.

edit flag offensive delete link more


We followed everything in the link and changed the puppet.conf but it still is not working. The CA gives us the certificate but the Puppet Master errors out.

stormmaster gravatar imagestormmaster ( 2013-04-04 12:44:46 -0600 )edit

I too facing the same issue. My supposed to be the CA Master receives the certificate sign request, but the agent does not show up on Master (where Console/dashboard running). Instead it shows on CA server's dashboard as a node which is not responding.

schowdh gravatar imageschowdh ( 2014-10-22 13:21:20 -0600 )edit

answered 2016-01-17 02:09:46 -0600

Amim gravatar image

I am experiencing similar issue. was this resolve? can you please share?

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools



Asked: 2013-03-22 20:23:54 -0600

Seen: 2,911 times

Last updated: Jan 17 '16