SSL and Puppet

SSL is a core component of Puppet. The Puppet Master uses SSL certificates to authenticate client systems. Proper management of SSL is vitally important to ensure that your Puppet system is secure and behaves properly.

Note

This section assumes you have some knowledge about the working of SSL. If you require a primer on SSL, a good reference is https://info.ssl.com/ssl-made-easy-for-beginners/.

By default, the Puppet Master will act as an SSL Certificate Authority (CA). As part of the SSL CA, the master will accept certificate requests from new agents. You can then choose whether to sign the certificate on the master. There is also a methodology to enable autosigning. We'll cover this in the next section.

Puppet can also support use ...

Get Learning Puppet Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.