puppet-certificate_request (8) - Linux Man Pages
puppet-certificate_request: Manage certificate requests.
NAMEpuppet-certificate_request - Manage certificate requests.
SYNOPSISpuppet certificate_request action [--terminus TERMINUS] [--extra HASH]
DESCRIPTIONThis subcommand retrieves and submits certificate signing requests (CSRs).
OPTIONSNote that any configuration parameter that's valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action. For example, server and run_mode are valid configuration parameters, so you can specify --server <servername>, or --run_mode <runmode> as an argument.
See the configuration file documentation at http://docs.puppetlabs.com/references/stable/configuration.html for the full list of acceptable parameters. A commented list of all configuration options can also be generated by running puppet with --genconfig.
- --render-as FORMAT
- The format in which to render output. The most common formats are json, s (string), yaml, and console, but other options such as dot are sometimes available.
- Whether to log verbosely.
- Whether to log debug information.
- --extra HASH
- A terminus can take additional arguments to refine the operation, which are passed as an arbitrary hash to the back-end. Anything passed as the extra value is just send direct to the back-end.
- --terminus TERMINUS
- Indirector faces expose indirected subsystems of Puppet. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of find, search, save, and destroy) from an arbitrary number of pluggable backends. In Puppet parlance, these backends are called terminuses.
- Almost all indirected subsystems have a rest terminus that interacts with the puppet master's data. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request.
- The terminus for an action is often determined by context, but occasionally needs to be set explicitly. See the "Notes" section of this face's manpage for more details.
- destroy - Invalid for this subcommand.
- puppet certificate_request destroy [--terminus TERMINUS] [--extra HASH] key
- Invalid for this subcommand.
- find - Retrieve a single CSR.
- puppet certificate_request find [--terminus TERMINUS] [--extra HASH] host
- Retrieve a single CSR.
- A single certificate request. When used from the Ruby API, returns a Puppet::SSL::CertificateRequest object.
- info - Print the default terminus class for this face.
- puppet certificate_request info [--terminus TERMINUS] [--extra HASH]
- Prints the default terminus class for this subcommand. Note that different run modes may have different default termini; when in doubt, specify the run mode with the '--run_mode' option.
- save - API only: submit a certificate signing request.
- puppet certificate_request save [--terminus TERMINUS] [--extra HASH] x509_CSR
- API only: create or overwrite an object. As the Faces framework does not currently accept data from STDIN, save actions cannot currently be invoked from the command line.
- search - Retrieve all outstanding CSRs.
- puppet certificate_request search [--terminus TERMINUS] [--extra HASH] dummy_text
- Retrieve all outstanding CSRs.
- A list of certificate requests. When used from the Ruby API, returns an array of Puppet::SSL::CertificateRequest objects.
- Although this action always returns all CSRs, it requires a dummy search key; this is a known bug.
Retrieve a single CSR from the puppet master's CA:
$ puppet certificate_request find somenode.puppetlabs.lan --terminus rest
Retrieve all CSRs from the local CA (similar to 'puppet cert list'):
NOTESThis subcommand is an indirector face, which exposes find, search, save, and destroy actions for an indirected subsystem of Puppet. Valid termini for this face include:
COPYRIGHT AND LICENSECopyright 2011 by Puppet Labs Apache 2 license; see COPYING