Puppet Learning Summary Certificate Automatic Certification

Source: Internet
Author: User

puppet Certificate Automatic certification of learning summary

This article mainly introduces briefly puppet Certificate automatic authentication, due to manual authentication is more cumbersome. puppet installation is not described here, refer to the previous document "puppet Introduction and based on httpd instance Deployment".

First, the system environment

System Platform: centos6.6_x86_64

Host Planning:

192.168.115.21 puppet1.hnr.com Master

192.168.115.22 puppet2.hnr.com Agent

192.168.115.23 puppet3.hnr.com Agent

Second, clear the original certificate

If the original client has already checked the certificate, the following actions are required to empty the old certificate, otherwise the authentication will fail

1. Execute the following command on the server where "puppet2.hnr.com" is the relevant client host

# Puppet cert Clean puppet2.hnr.com

2. Execute the following command on the client

# Find/var/lib/puppet/ssl-name Puppet2.hnr.com.pem-delete

Third, Puppet Master server-side configuration

1. allow hosts for all hnr.com domains to automatically issue certificates

# vi/etc/puppet/autosign.conf

*.hnr.com

2. Modify fileserver.conf

grant to this file /etc/puppet/files permissions for the directory

# vi/etc/puppet/fileserver.conf

[Files]

Path/etc/puppet/files

Allow *.hnr.com

Four, Puppet Agent Client Configuration

1. increase the listening and specifying the server domain name

# vi/etc/puppet/puppet.conf

[Agent]

listen = true # Monitor 8139 Port

Server = Puppet 1 . hnr.com

2. Modify auth.conf

Allow Master initiating Kick command, in Path/ before increase

# vi/etc/puppet/auth.conf

Path/run

Method Save

Allow puppet 1 . hnr.com

v. Start the server and client puppet program

1. After the boot, view on the service side

650) this.width=650; "title=" 01.png "src=" http://s3.51cto.com/wyfs02/M02/6F/EA/wKioL1WtqVeCyk8SAAGKP14VShM835.jpg "alt=" Wkiol1wtqvecyk8saagkp14vshm835.jpg "/>

At this point, the certificate has been automatically certified complete

2. Execute the following command on the client

650) this.width=650; "title=" 02.png "src=" http://s3.51cto.com/wyfs02/M02/6F/EE/wKiom1Wtp4izmIT1AAGhoXH3bWQ481.jpg "alt=" Wkiom1wtp4izmit1aaghoxh3bwq481.jpg "/>

At this point, the client communicates properly with the server

This article is from the "Linux Road" blog, make sure to keep this source http://hnr520.blog.51cto.com/4484939/1676614

Puppet Learning Summary Certificate Automatic Certification

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.