These are held in the CA inventory .../puppet/ssl/ca/inventory.txt See https://ask.puppet.com/question/25818/how-to-manage-size-of-inventorytxt/ for a discussion about cleaning it up, but essentially - delete your test host entries here
John On 23 April 2018 at 00:32, Marc Haber <[email protected]> wrote: > Hi, > > I do have a certain host that I use for testing. It thus gets deleted > and re-created (in Foreman) over and over again. Eventually, rebuilding > the host times out at the puppet cert clean state. > > Foreman issues "puppet cert clean FQDN". When I invoke that from the > command line, I get "Notice: Revoked certificate" for a number of > serials, filling screens: > > Notice: Revoked certificate with serial 4898 > Notice: Revoked certificate with serial 4903 > Notice: Revoked certificate with serial 4904 > Notice: Revoked certificate with serial 4945 > Notice: Revoked certificate with serial 4946 > Notice: Revoked certificate with serial 5149 > > When the foreman cert clean has eventually finished, the foreman-proxy > has timed out in the mean time, and the build fails. Repeating the > puppet cert clean results in the same serials being revoked again and > again. > > Is there a method to clean up the puppet CA so that puppet cert clean > doesn't try revoking certificates that do no longer exist at all? > > There is no file matching the FQDN in /var/lib/puppet/ssl at all. > > Greetings > Marc > > -- > ------------------------------------------------------------ > ----------------- > Marc Haber | "I don't trust Computers. They | Mailadresse im Header > Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402 > Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421 > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/puppet-users/20180422143251.i5t7v77ed3el5p7e%40torres.zugschlus.de. > For more options, visit https://groups.google.com/d/optout. > -- John Warburton Ph: 0417 299 600 Email: [email protected] -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAAJLFxVctYSeKEz9whgUERnQBw7WqZ%3DxBoCuMA9vM2jkuiooog%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
