puppet-certificate_request - Manage certificate
requests.
puppet certificate_request action [--terminus _TERMINUS]
[--extra HASH]
This subcommand retrieves and submits certificate signing requests
(CSRs).
Note that any setting that´s valid in the configuration
file is also a valid long argument, although it may or may not be relevant
to the present action. For example, server and run_mode are
valid settings, so you can specify --server <servername>, or
--run_mode <runmode> as an argument.
See the configuration file documentation at
https://puppet.com/docs/puppet/latest/configuration.html for the full
list of acceptable parameters. A commented list of all configuration options
can also be generated by running puppet with --genconfig.
- --render-as
FORMAT
- The format in which to render output. The most common formats are
json, s (string), yaml, and console, but other
options such as dot are sometimes available.
- --verbose
- Whether to log verbosely.
- --debug
- Whether to log debug information.
- A terminus can take additional arguments to refine the operation, which
are passed as an arbitrary hash to the back-end. Anything passed as the
extra value is just send direct to the back-end.
- --terminus
_TERMINUS
- Indirector faces expose indirected subsystems of Puppet. These subsystems
are each able to retrieve and alter a specific type of data (with the
familiar actions of find, search, save, and
destroy) from an arbitrary number of pluggable backends. In Puppet
parlance, these backends are called terminuses.
- Almost all indirected subsystems have a rest terminus that
interacts with the puppet master´s data. Most of them have
additional terminuses for various local data models, which are in turn
used by the indirected subsystem on the puppet master whenever it receives
a remote request.
- The terminus for an action is often determined by context, but
occasionally needs to be set explicitly. See the "Notes" section
of this face´s manpage for more details.
- find - Retrieve a
single CSR.
- SYNOPSIS
- puppet certificate_request find [--terminus _TERMINUS] [--extra HASH]
[host]
- DESCRIPTION
- Retrieve a single CSR.
- RETURNS
- A single certificate request. When used from the Ruby API, returns a
Puppet::SSL::CertificateRequest object.
- Defaults to the current nodes certname.
- info - Print the
default terminus class for this face.
- SYNOPSIS
- puppet certificate_request info [--terminus _TERMINUS] [--extra HASH]
- DESCRIPTION
- Prints the default terminus class for this subcommand. Note that different
run modes may have different default termini; when in doubt, specify the
run mode with the ´--run_mode´ option.
- save - API only: submit
a certificate signing request.
- SYNOPSIS
- puppet certificate_request save [--terminus _TERMINUS] [--extra HASH]
x509_CSR
- DESCRIPTION
- API only: create or overwrite an object. As the Faces framework does not
currently accept data from STDIN, save actions cannot currently be invoked
from the command line.
- search - Retrieve
all outstanding CSRs.
- SYNOPSIS
- puppet certificate_request search [--terminus _TERMINUS] [--extra HASH]
dummy_text
- DESCRIPTION
- Retrieve all outstanding CSRs.
- RETURNS
- A list of certificate requests. When used from the Ruby API, returns an
array of Puppet::SSL::CertificateRequest objects.
- NOTES
- Although this action always returns all CSRs, it requires a dummy search
key; this is a known bug.
find
Retrieve a single CSR from the puppet master´s CA:
$ puppet certificate_request find somenode.puppetlabs.lan
--terminus rest
search
Retrieve all CSRs from the local CA (similar to ´puppet
cert list´):
$ puppet certificate_request search x --terminus ca
This subcommand is an indirector face, which exposes find,
search, save, and destroy actions for an indirected
subsystem of Puppet. Valid termini for this face include:
- ○
- ca
- ○
- disabled_ca
- ○
- file
- ○
- memory
- ○
- rest
-
Copyright 2011 by Puppet Inc. Apache 2 license; see COPYING