0

I accidentally deleted SSL and now there is nothing inside my /etc/puppetlabs/puppet/ssl/certificate_requests/. I have tried re-installing puppet master and done few other things but it hasn't solved yet.

Is there a way to get the certificates back without having to re-configure puppet master again and doing all the steps?

Peter Souter
  • 5,110
  • 1
  • 33
  • 62
James
  • 193
  • 2
  • 4
  • 15
  • 2
    If you know have backup on the ssl folder in puppet master, then the answer is "NO". – BMW Oct 22 '15 at 03:41
  • Really, the `certificate_requests` directory is the least of your worries. If you deleted the whole `ssl/` directory then you deleted the master's host and CA certificates, and without those you are thoroughly hosed. Recover from backup (you *do* have backups, right?). – John Bollinger Oct 22 '15 at 21:20
  • Looks like magically I am okay. I have ssl directory now(it's in /etc/puppetlabs/puppet/ssl), and whenever I pass the certificates to the new hosts I am configuring now, it seems to work fine. – James Oct 22 '15 at 21:48
  • 1
    Check if the old hosts can run puppet also. Most probably you will need to redo the certificates for those ones. – cristi Oct 23 '15 at 19:44
  • Spot on. Did that. I had to pass the certificates to the ones I deleted.Now it's fine. Thanks everyone. – James Oct 24 '15 at 16:21

1 Answers1

1

Run puppet agent --test on clients. It will generate new certificate and request to the puppet master. On puppet master you will get new request from client. Check out new request using command puppet cert list and sign the request with puppet cert sign $cert_name

Reference

sharvil_parekh
  • 435
  • 2
  • 5
  • 12