Open source Puppet documentation

NAME

puppet-ssl - Manage SSL keys and certificates for puppet SSL clients

SYNOPSIS

Manage SSL keys and certificates for SSL clients needing to communicate with a puppet infrastructure.

USAGE

puppet ssl action [-h|--help] [-v|--verbose] [-d|--debug] [--localca] [--target CERTNAME]

OPTIONS

  • --help: Print this help messsge.

  • --verbose: Print extra information.

  • --debug: Enable full debugging.

  • --localca Also clean the local CA certificate and CRL.

  • --target CERTNAME Clean the specified device certificate instead of this host's certificate.

ACTIONS

submit_request

Generate a certificate signing request (CSR) and submit it to the CA. If a private and public key pair already exist, they will be used to generate the CSR. Otherwise a new key pair will be generated. If a CSR has already been submitted with the given certname, then the operation will fail.

download_cert

Download a certificate for this host. If the current private key matches the downloaded certificate, then the certificate will be saved and used for subsequent requests. If there is already an existing certificate, it will be overwritten.

verify

Verify the private key and certificate are present and match, verify the certificate is issued by a trusted CA, and check revocation status.

clean

Remove the private key and certificate related files for this host. If --localca is specified, then also remove this host's local copy of the CA certificate(s) and CRL bundle. if --target CERTNAME is specified, then remove the files for the specified device on this host instead of this host.

Back to top
The page rank or the 1 our of 5 rating a user has given the page.
The email address of the user submitting feedback.
The URL of the page being ranked/rated.