Puppet has built-in Certificate Authority (CA) and Public Key Infrastructure (PKI) tools that makes the administration of the SSL certificates of agents and other components on a Puppet infrastructure much easier. Originally designed to provide certificates for Puppet’s infrastructure, the built-in CA and PKI can be very handy in many different scenarios, greatly reducing extra work and rising the bar for overall security on an enterprise environment. We will explore some examples on using the internal CA and PKI for configuring web servers, VPNs, web browsers certificate stores, WiFi WPA TLS authentication using 802.1x and others. These examples come from real world deployments.
Miguel holds degrees in computer science and network specialization. At university he participated on the Google Summer of Code, working on the the QEMU project. Most of his career, Miguels has worked as a Linux system administrator and instructor. He has contributed to open source projects in many ways, from patches to talks at conferences and events. A few years ago, he was already using Puppet and decided to begin his own company. Miguel found out that Puppet Labs was recruiting partners and applied. Since then, he has done a lot of Puppet consulting and training as the Puppet Labs Authorized Training Partner of Brazil. Miguel is also one of the founders of the Puppet Brazilian Community.