Puppet Agent still able to connect to Master after certificate revocation
Posted
by
chris
on Server Fault
See other posts from Server Fault
or by chris
Published on 2012-06-21T06:21:56Z
Indexed on
2012/06/26
3:18 UTC
Read the original article
Hit count: 418
puppet
In summary:
- Client connects for the first time and requests cert;
- on the Master,
puppetca -s client
is executed; - Client gets the cert and completes the run successfully.
Fine. But now:
- on the Master,
puppetca -c client
is executed and client's cert is not in the cert list anymore; - Client connects again and can perform the run as usual;
Restarting puppetmasterd doesn't solve the issue. How can I prevent client to connect once its cert has been revoked?
Thanks in advance
© Server Fault or respective owner