Man Page: puppet certificate_request
Included in Puppet Enterprise 3.8. A newer version is available; see the version menu above for details.
puppet-certificate_request - Manage certificate requests.
puppet certificate_request action [--terminus TERMINUS] [--extra HASH]
This subcommand retrieves and submits certificate signing requests (CSRs).
Note that any setting that's valid in the configuration
file is also a valid long argument, although it may or may not be
relevant to the present action. For example,
run_mode are valid
settings, so you can specify
--server <servername>, or
--run_mode <runmode> as an argument.
See the configuration file documentation at
http://docs.puppetlabs.com/puppet/latest/reference/configuration.html for the
full list of acceptable parameters. A commented list of all
configuration options can also be generated by running puppet with
- --render-as FORMAT
- The format in which to render output. The most common formats are
console, but other options such as
dotare sometimes available.
- Whether to log verbosely.
- Whether to log debug information.
- --extra HASH
- A terminus can take additional arguments to refine the operation, which are passed as an arbitrary hash to the back-end. Anything passed as the extra value is just send direct to the back-end.
- --terminus TERMINUS
Indirector faces expose indirected subsystems of Puppet. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of
destroy) from an arbitrary number of pluggable backends. In Puppet parlance, these backends are called terminuses.
Almost all indirected subsystems have a
restterminus that interacts with the puppet master's data. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request.
The terminus for an action is often determined by context, but occasionally needs to be set explicitly. See the "Notes" section of this face's manpage for more details.
destroy- Invalid for this subcommand.
puppet certificate_request destroy [--terminus TERMINUS] [--extra HASH] key
Invalid for this subcommand.
find- Retrieve a single CSR.
puppet certificate_request find [--terminus TERMINUS] [--extra HASH] host
Retrieve a single CSR.
A single certificate request. When used from the Ruby API, returns a Puppet::SSL::CertificateRequest object.
info- Print the default terminus class for this face.
puppet certificate_request info [--terminus TERMINUS] [--extra HASH]
Prints the default terminus class for this subcommand. Note that different run modes may have different default termini; when in doubt, specify the run mode with the '--run_mode' option.
save- API only: submit a certificate signing request.
puppet certificate_request save [--terminus TERMINUS] [--extra HASH] x509_CSR
API only: create or overwrite an object. As the Faces framework does not currently accept data from STDIN, save actions cannot currently be invoked from the command line.
search- Retrieve all outstanding CSRs.
puppet certificate_request search [--terminus TERMINUS] [--extra HASH] dummy_text
Retrieve all outstanding CSRs.
A list of certificate requests. When used from the Ruby API, returns an array of Puppet::SSL::CertificateRequest objects.
Although this action always returns all CSRs, it requires a dummy search key; this is a known bug.
Retrieve a single CSR from the puppet master's CA:
$ puppet certificate_request find somenode.puppetlabs.lan --terminus rest
Retrieve all CSRs from the local CA (similar to 'puppet cert list'):
$ puppet certificate_request search x --terminus ca
This subcommand is an indirector face, which exposes
destroy actions for an indirected subsystem of Puppet. Valid termini for
this face include:
COPYRIGHT AND LICENSE
Copyright 2011 by Puppet Labs Apache 2 license; see COPYING