Hello,
I'm currently trying to upgrade a Puppet 3.8 site to something newer (eventually 5.5). The current setup uses Passenger with Apache and mod_nss. The reason mod_nss is used is because it uses the /etc/httpd/alias NSS database that Red Hat IPA uses. In there, certificates for each host are tracked. Moving forward, I see 3 scenarios, but have no clue yet if either one will work: - Figure out how/if puppetserver (Jetty) supports NSS based certificates - Continue to use the deprecated Rack/Passenger setup - (Deep) Dive into the (undocumented) scripts that are responsible for populating the NSS certificate database and also have it generate .pem files. Will either of the first 2 options work? Or are OpenSSL certificates the only external certificates that work with Puppet 4.x/5.x ?? Regards, Bart-Jan Vrielink -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/zarafa.5b69f5ea.12f7.3da21cbe3bd5060f%40anjie.dontpanic.nl. For more options, visit https://groups.google.com/d/optout.
