Accessing the console
The console is Puppet Enterprise’s web UI. Use it to:
- Manage node requests to join the Puppet deployment.
- Assign Puppet classes to nodes and groups.
- View reports and activity graphs.
- Browse and compare resources on your nodes.
- View inventory data.
- Manage console users and their access privileges.
Reaching the console
The console is served as a website over SSL, on whichever port you chose when installing the console component.
Let’s say your console server is
console.domain.com. If you chose to use the default port of 443, you can omit the port from the URL and reach the console by navigating to:
If you chose to use port 8443, you reach the console at:
https protocol handler — you cannot reach the console over plain
Accepting the console’s certificate
The console uses an SSL certificate created by your own local Puppet certificate authority. Since this authority is specific to your site, web browsers won’t know it or trust it, and you’ll have to add a security exception in order to access the console.
This is safe to do. Your web browser will warn you that the console’s identity hasn’t been verified by one of the external authorities it knows of, but that doesn’t mean it’s untrustworthy. Since you or another administrator at your site is in full control of which certificates the Puppet certificate authority signs, the authority verifying the site is you.
Accepting the certificate in Google Chrome or Chromium
Step 1: When you receive a warning that the connection isn’t private, click Advanced.
Step 2: Click to proceed to the master.
Accepting the certificate in Mozilla Firefox
Step 1: When you receive a warning that the connection is untrusted, click I Understand the Risks, then click Add Exception.
Step 2: Click Confirm Security Exception.
Accepting the certificate in Apple Safari
Click the Continue button on the warning dialog.
Note: Safari certificate handling may prevent console access.
Due to Apache bug 53193 and the way Safari handles certificates, Puppet recommends that you avoid using Safari to access the PE console.
If you need to use Safari, you may encounter the following dialog box the first time you attempt to access the console after installing/upgrading PE:
If this happens, click Cancel to access the console. (In some cases, you may need to click Cancel several times.)
Accepting the certificate in Microsoft Internet Explorer
Click the Continue to this website (not recommended) link on the warning page.
For security, accessing the console requires a username and password. If you are an administrator setting up the console or accessing it for the first time, use the username and password you chose when you installed the console. Otherwise, get credentials from your site’s administrator. See the user management information for more information on managing console user accounts.
Since the console is the main point of control for your infrastructure, you probably want to decline your browser’s offer to remember its password.
Note: Resetting the admin password for console access relies on a utility script that’s located in the installer tarball. See Troubleshooting admin and user access to the console for steps to reset the admin password.