puppet-certificate_request - Manage certificate
requests.
puppet certificate_request action [--terminus _TERMINUS]
[--extra HASH]
This subcommand retrieves and submits certificate signing requests
(CSRs).
Note that any setting that's valid in the configuration file is
also a valid long argument, although it may or may not be relevant to the
present action. For example, server and run_mode are valid
settings, so you can specify --server <servername>, or
--run_mode <runmode> as an argument.
See the configuration file documentation at
https://puppet.com/docs/puppet/latest/configuration.html for the full
list of acceptable parameters. A commented list of all configuration options
can also be generated by running puppet with --genconfig.
- --render-as
FORMAT
- The format in which to render output. The most common formats are
json, s (string), yaml, and console, but other
options such as dot are sometimes available.
- --verbose
- Whether to log verbosely.
- --debug
- Whether to log debug information.
- A terminus can take additional arguments to refine the operation, which
are passed as an arbitrary hash to the back-end. Anything passed as the
extra value is just send direct to the back-end.
- --terminus
_TERMINUS
- Indirector faces expose indirected subsystems of Puppet. These subsystems
are each able to retrieve and alter a specific type of data (with the
familiar actions of find, search, save, and
destroy) from an arbitrary number of pluggable backends. In Puppet
parlance, these backends are called terminuses.
- Almost all indirected subsystems have a rest terminus that
interacts with the puppet master's data. Most of them have additional
terminuses for various local data models, which are in turn used by the
indirected subsystem on the puppet master whenever it receives a remote
request.
- The terminus for an action is often determined by context, but
occasionally needs to be set explicitly. See the "Notes" section
of this face's manpage for more details.
- find - Retrieve a
single CSR.
- SYNOPSIS
- puppet certificate_request find [--terminus _TERMINUS] [--extra HASH]
[host]
- DESCRIPTION
- Retrieve a single CSR.
- RETURNS
- A single certificate request. When used from the Ruby API, returns a
Puppet::SSL::CertificateRequest object.
- Defaults to the current nodes certname.
- info - Print the
default terminus class for this face.
- SYNOPSIS
- puppet certificate_request info [--terminus _TERMINUS] [--extra HASH]
- DESCRIPTION
- Prints the default terminus class for this subcommand. Note that different
run modes may have different default termini; when in doubt, specify the
run mode with the '--run_mode' option.
- save - API only: submit
a certificate signing request.
- SYNOPSIS
- puppet certificate_request save [--terminus _TERMINUS] [--extra HASH]
x509_CSR
- DESCRIPTION
- API only: create or overwrite an object. As the Faces framework does not
currently accept data from STDIN, save actions cannot currently be invoked
from the command line.
- search - Retrieve
all outstanding CSRs.
- SYNOPSIS
- puppet certificate_request search [--terminus _TERMINUS] [--extra HASH]
dummy_text
- DESCRIPTION
- Retrieve all outstanding CSRs.
- RETURNS
- A list of certificate requests. When used from the Ruby API, returns an
array of Puppet::SSL::CertificateRequest objects.
- NOTES
- Although this action always returns all CSRs, it requires a dummy search
key; this is a known bug.
find
Retrieve a single CSR from the puppet master's CA:
$ puppet certificate_request find somenode.puppetlabs.lan
--terminus rest
search
Retrieve all CSRs from the local CA (similar to 'puppet cert
list'):
$ puppet certificate_request search x --terminus ca
This subcommand is an indirector face, which exposes find,
search, save, and destroy actions for an indirected
subsystem of Puppet. Valid termini for this face include:
- ○
- ca
- ○
- disabled_ca
- ○
- file
- ○
- memory
- ○
- rest
-
Copyright 2011 by Puppet Inc. Apache 2 license; see COPYING