Project

General

Profile

Certificate Management » History » Version 4

« Previous - Version 4/5 (diff) - Next » - Current version
Dominic Cleal, 01/10/2013 06:25 AM
List both Puppet 2 and 3 commands


Certificate Management

  1. install a smart proxy
  2. access certificates and autosign via more --> smart proxies

Foreman-proxy user should be added into sudoers

On Puppet 2.x, use:

foreman-proxy ALL = NOPASSWD: /usr/sbin/puppetca, /usr/sbin/puppetrun
Defaults:foreman-proxy !requiretty

On Puppet 3.0 or higher, the puppetca binary has been removed and so the Smart Proxy will use puppet cert. The sudoers entry should be:

foreman-proxy ALL = NOPASSWD : /usr/bin/puppet cert *, /usr/bin/puppet kick *
Defaults:foreman-proxy !requiretty