A note and a complaint. Being a lazy sysadmin, I configured my ca_ttl to
25y. I assumed (poorly) that the ca would be created with the 25 year life
span, and then certs would be created and use the end date of the root
cert. This is not correct. Somehow a root CA can create certificates that
extend beyond it's expiration.

On 32-bit servers 25Y is beyond the end of the world. In puppet, this
results in the generic message:

err: Could not request certificate: time out of range

Figured I would post it to help any other lazy saps who still have to
support 32-bit.



You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppuppet-users @
postedFeb 12, '13 at 7:04p
activeFeb 12, '13 at 7:04p

1 user in discussion

Jemmorey: 1 post



site design / logo © 2023 Grokbase