DOKK / manpages / debian 10 / puppet / puppet-certificate_request.8.en
PUPPET-CERTIFICATE_REQUEST(8) Puppet manual PUPPET-CERTIFICATE_REQUEST(8)

puppet-certificate_request - Manage certificate requests.

puppet certificate_request action [--terminus _TERMINUS] [--extra HASH]

This subcommand retrieves and submits certificate signing requests (CSRs).

Note that any setting that´s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action. For example, server and run_mode are valid settings, so you can specify --server <servername>, or --run_mode <runmode> as an argument.

See the configuration file documentation at https://puppet.com/docs/puppet/latest/configuration.html for the full list of acceptable parameters. A commented list of all configuration options can also be generated by running puppet with --genconfig.

The format in which to render output. The most common formats are json, s (string), yaml, and console, but other options such as dot are sometimes available.
Whether to log verbosely.
Whether to log debug information.
A terminus can take additional arguments to refine the operation, which are passed as an arbitrary hash to the back-end. Anything passed as the extra value is just send direct to the back-end.
Indirector faces expose indirected subsystems of Puppet. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of find, search, save, and destroy) from an arbitrary number of pluggable backends. In Puppet parlance, these backends are called terminuses.
Almost all indirected subsystems have a rest terminus that interacts with the puppet master´s data. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request.
The terminus for an action is often determined by context, but occasionally needs to be set explicitly. See the "Notes" section of this face´s manpage for more details.

SYNOPSIS
puppet certificate_request find [--terminus _TERMINUS] [--extra HASH] [host]
DESCRIPTION
Retrieve a single CSR.
RETURNS
A single certificate request. When used from the Ruby API, returns a Puppet::SSL::CertificateRequest object.
Defaults to the current nodes certname.
SYNOPSIS
puppet certificate_request info [--terminus _TERMINUS] [--extra HASH]
DESCRIPTION
Prints the default terminus class for this subcommand. Note that different run modes may have different default termini; when in doubt, specify the run mode with the ´--run_mode´ option.
SYNOPSIS
puppet certificate_request save [--terminus _TERMINUS] [--extra HASH] x509_CSR
DESCRIPTION
API only: create or overwrite an object. As the Faces framework does not currently accept data from STDIN, save actions cannot currently be invoked from the command line.
SYNOPSIS
puppet certificate_request search [--terminus _TERMINUS] [--extra HASH] dummy_text
DESCRIPTION
Retrieve all outstanding CSRs.
RETURNS
A list of certificate requests. When used from the Ruby API, returns an array of Puppet::SSL::CertificateRequest objects.
NOTES
Although this action always returns all CSRs, it requires a dummy search key; this is a known bug.

find

Retrieve a single CSR from the puppet master´s CA:

$ puppet certificate_request find somenode.puppetlabs.lan --terminus rest

search

Retrieve all CSRs from the local CA (similar to ´puppet cert list´):

$ puppet certificate_request search x --terminus ca

This subcommand is an indirector face, which exposes find, search, save, and destroy actions for an indirected subsystem of Puppet. Valid termini for this face include:

ca
disabled_ca
file
memory
rest

Copyright 2011 by Puppet Inc. Apache 2 license; see COPYING

June 2019 Puppet, Inc.