ReleaseEngineering/PuppetAgain/Certificate Chaining: Difference between revisions

Jump to navigation Jump to search

ReleaseEngineering/PuppetAgain/Certificate Chaining (view source)

Revision as of 12:59, 13 May 2013

249 bytes added ,  13 May 2013
→‎Certificate Hierarchy
 
Line 36: Line 36:
         .
         .


Note Master and Agent certs are functionally identical.  The "OU=PuppetMasters" is important so that each puppetmaster can have a master and agent cert with the same fqdn.
Notes:
* Here and throughout these docs, the terms "root" and "base" CA are used interchangeably.  "Root" is preferred.
* Master and Agent certs are nearly identical, except that one has an EKU allowing use as SSL clients, and the other only allows SSL server.  The "OU=PuppetMasters" is important so that each puppetmaster can have a master and agent cert with the same fqdn, but the certificate subjects are different.


= Master Initialization =
= Master Initialization =
Djmitche
canmove, Confirmed users
1,394

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/655160"

Navigation menu