Renew Puppet CA and server certificates

Hi all,

our Puppet-Server Certificates will ends soon, We have more than 200+ clients, so if we dont renew that we have to add all 200+ clients manually again to our Puppet-Server.

Is there a way to renew the Puppet-Server certificates without get above problem?

Thank you in advance.

Puppet has published a guide covering this topic: Regenerating certificates in a Puppet deployment

All steps are done manually in the guide, but I would recommend to use the Remote-Execution plugin for regenerating the certificates on the agents at least.

If you have not setup REX yet, it would be a good thing to do this by installing the plugin and deploying the user, key and so on as long as puppet is still working.


thanks for your answer @Dirk

What I see here it will delete my ssl and how the clients will be able to get the new CA?

Ill check this.

Ill look at this too.

Some of the clients are not in our Network so I cannot reach them! they pulling from puppet-server.
Does above Link will work here too ?