Setting up Puppet certificates

Run Puppet agent to generate a certificate for the Puppet Server to sign:

$ sudo puppet agent -t

Log into to your Puppet Server, and list the certificates that need approval:

$ sudo puppet cert list

It should output a list with your node’s hostname.

Approve the certificate, replacing hostname.example.com with your agent's node name:

$ sudo puppet cert sign hostname.example.com

Back on the Puppet agent node, run the puppet agent again:

$ sudo puppet agent -t

Note

Remember that private network DNS is a prerequisite for a successful certificate signing.