Chinaunix首页 | 论坛 | 博客
  • 博客访问: 338017
  • 博文数量: 62
  • 博客积分: 0
  • 博客等级: 民兵
  • 技术积分: 710
  • 用 户 组: 普通用户
  • 注册时间: 2013-05-14 14:12
个人简介

太懒

文章分类

全部博文(62)

文章存档

2015年(8)

2014年(20)

2013年(34)

我的朋友

分类: LINUX

2013-05-17 14:56:22

puppet客户端重装系统之前,服务器端需要删除相应的ssl证书文件,否则会出错,比如下边:


executing post install  my2950.momo.org
hostname for puppet is node1
err: Could not request certificate: Retrieved certificate does not match private
Exiting; failed to retrieve certificate and waitforcert is disabled



* clean:
  Revoke a host's certificate (if applicable) and remove all files
  related to that host from puppet cert's storage. This is useful when
  rebuilding hosts, since new certificate signing requests will only be
  honored if puppet cert does not have a copy of a signed certificate
  for that host. If '--all' is specified then all host certificates,
  both signed and unsigned, will be removed.

[root@my2950 puppet]# puppet cert list --all
+ my2950.***.com (CF:38:DF:90:4F:1A:43:9D:AF:39:39:3D:A4:B0:DB:1F) (alt names: DNS:my2950.***.com, DNS:puppet, DNS:puppet.***.com)
+ node1                (8D:05:9F:F4:50:90:D2:1A:B7:F2:40:2C:9A:1E:99:41)
+ node1.***.com      (08:1F:C2:B7:68:C7:05:E4:2E:F3:1B:E9:69:DF:24:1F)
+ node1.momo.org       (98:BC:2D:62:FC:2D:C6:6C:4F:AF:A9:4F:5A:C3:23:FB)

[root@my2950 puppet]# puppet cert clean --all
notice: Revoked certificate with serial 5
notice: Revoked certificate with serial 6
notice: Revoked certificate with serial 4
notice: Revoked certificate with serial 2
notice: Removing file Puppet::SSL::Certificate node1.momo.org at '/var/lib/puppet/ssl/ca/signed/node1.momo.org.pem'
notice: Removing file Puppet::SSL::Certificate node1.momo.org at '/var/lib/puppet/ssl/certs/node1.momo.org.pem'
notice: Removing file Puppet::SSL::Certificate node1 at '/var/lib/puppet/ssl/ca/signed/node1.pem'
notice: Removing file Puppet::SSL::Certificate node1 at '/var/lib/puppet/ssl/certs/node1.pem'
notice: Removing file Puppet::SSL::Certificate node1.hjshi.com at '/var/lib/puppet/ssl/ca/signed/node1.hjshi.com.pem'
notice: Removing file Puppet::SSL::Certificate node1.hjshi.com at '/var/lib/puppet/ssl/certs/node1.hjshi.com.pem'
notice: Removing file Puppet::SSL::Certificate my2950.qilinsoft.com at '/var/lib/puppet/ssl/ca/signed/my2950.qilinsoft.com.pem'
notice: Removing file Puppet::SSL::Certificate my2950.qilinsoft.com at '/var/lib/puppet/ssl/certs/my2950.qilinsoft.com.pem'
notice: Removing file Puppet::SSL::Key my2950.qilinsoft.com at '/var/lib/puppet/ssl/private_keys/my2950.qilinsoft.com.pem'
[root@my2950 puppet]#
[root@my2950 puppet]#
[root@my2950 puppet]#
[root@my2950 puppet]#


阅读(1326) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~