Good afternoon. Please tell me, is there any instructions for setting up automatic signature in the puppet certification authority? all I see now in the foreman web interface is the ability to create an auto-signature, but without the possibility of any settings.
Foreman and Proxy versions:
Foreman and Proxy plugin versions:
Distribution and version:
Other relevant data:
I’m not sure I fully understand what you want to achieve. However if you navigate to Infrastructure -> Smart Proxies and pick a proxy with Puppet CA feature, under the Puppet CA tab you can find Autosign entries. Foreman typically adds a record for the host that’s being provisioned and removes it afterwards. You can create your own entry,
* can be used as a wildcard. So for example, you can allow
*.example.com or simply
* if you want to auto-sign any request.
There’s also another way to setup the Puppet CA so instead of Foreman maintaining the autosign config, Puppet CA asks Foreman whether it should sign the request. See the manual for more details on both approaches.
Thank you so much, this is what you need.