Accessing the Console

A newer version is available; see the version menu above for details.

The console is Puppet Enterprise’s web UI. Use it to:

  • Manage node requests to join the Puppet deployment
  • Assign Puppet classes to nodes and groups
  • View reports and activity graphs
  • Trigger Puppet runs on demand
  • Browse and compare resources on your nodes
  • View inventory data
  • Invoke orchestration actions on your nodes
  • Manage console users and their access privileges

Reaching the Console

The console will be served as a website over SSL, on whichever port you chose when installing the console component.

Let’s say your console server is If you chose to use the default port of 443, you can omit the port from the URL and can reach the console by navigating to:

If you chose to use port 8443, you would reach the console at:

Note the https protocol handler — you cannot reach the console over plain http.

Accepting the Console’s Certificate

The console uses an SSL certificate created by your own local Puppet certificate authority. Since this authority is specific to your site, web browsers won’t know it or trust it, and you’ll have to add a security exception in order to access the console.

This is safe to do. Your web browser will warn you that the console’s identity hasn’t been verified by one of the external authorities it knows of, but that doesn’t mean it’s untrustworthy. Since you or another administrator at your site is in full control of which certificates the Puppet certificate authority signs, the authority verifying the site is you.

Accepting the Certificate in Google Chrome or Chromium

Step 1:

Screenshot: Chrome showing an untrusted cert warning, with the 'Proceed anyway' button highlighted

Step 2:

Screenshot: Chrome showing an untrusted cert warning, with the 'Proceed to IP address' button highlighted

Accepting the Certificate in Mozilla Firefox

Click I Understand the Risks to reveal more of the page, then click the Add Exception… button. On the dialog this raises, click the Confirm Security Exception button.

Step 1:

Screenshot: Firefox's untrusted cert warning, with two controls highlighted

Step 2:

Screenshot: Firefox's cert details dialog, with the confirm button highlighted

Accepting the Certificate in Apple Safari

Click the Continue button on the warning dialog.

Screenshot: Safari's untrusted cert dialog, with the continue button highlighted

Note: Safari certificate handling may prevent console access.

Due to Apache bug 53193 and the way Safari handles certificates, Puppet Labs recommends that PE 2015.2 users avoid using Safari to access the PE console.

If you need to use Safari, you may encounter the following dialog box the first time you attempt to access the console after installing/upgrading PE 2015.2:

Safari Certificate Dialog

If this happens, click Cancel to access the console. (In some cases, you may need to click Cancel several times.)

Accepting the Certificate in Microsoft Internet Explorer

Click the Continue to this website (not recommended) link on the warning page.

Screenshot: IE's untrusted cert page, with the continue link highlighted

Logging In

For security, accessing the console requires a user name and password. PE allows three different levels of user access: read, read-write, and admin. If you are an admin setting up the console or accessing it for the first time, use the user and password you chose when you installed the console. Otherwise, you will need to get credentials from your site’s administrator. See the user management information for more information on managing console user accounts.

Since the console is the main point of control for your infrastructure, you will probably want to decline your browser’s offer to remember its password.

↑ Back to top