table of contents
| PUPPET-CERTIFICATE_REVOCATION_LIST(8) | Puppet manual | PUPPET-CERTIFICATE_REVOCATION_LIST(8) |
NAME¶
puppet-certificate_revocation_list - Manage the list of revoked certificates.SYNOPSIS¶
puppet certificate_revocation_list action [--terminus _TERMINUS] [--extra HASH]DESCRIPTION¶
This subcommand is primarily for retrieving the certificate revocation list from the CA.OPTIONS¶
Note that any setting that´s valid in the configuration file is also a valid long argument, although it may or may not be relevant to the present action. For example, server and run_mode are valid settings, so you can specify --server <servername>, or --run_mode <runmode> as an argument.See the configuration file documentation at https://puppet.com/docs/puppet/latest/configuration.html for the full list of acceptable parameters. A commented list of all configuration options can also be generated by running puppet with --genconfig.
- --render-as FORMAT
- The format in which to render output. The most common formats are json, s (string), yaml, and console, but other options such as dot are sometimes available.
- --verbose
- Whether to log verbosely.
- --debug
- Whether to log debug information.
- --extra HASH
- A terminus can take additional arguments to refine the operation, which are passed as an arbitrary hash to the back-end. Anything passed as the extra value is just send direct to the back-end.
- --terminus _TERMINUS
- Indirector faces expose indirected subsystems of Puppet. These subsystems are each able to retrieve and alter a specific type of data (with the familiar actions of find, search, save, and destroy) from an arbitrary number of pluggable backends. In Puppet parlance, these backends are called terminuses.
- Almost all indirected subsystems have a rest terminus that interacts with the puppet master´s data. Most of them have additional terminuses for various local data models, which are in turn used by the indirected subsystem on the puppet master whenever it receives a remote request.
- The terminus for an action is often determined by context, but occasionally needs to be set explicitly. See the "Notes" section of this face´s manpage for more details.
ACTIONS¶
- destroy - Delete the certificate revocation list.
- SYNOPSIS
- puppet certificate_revocation_list destroy [--terminus _TERMINUS] [--extra HASH] dummy_text
- DESCRIPTION
- Deletes the certificate revocation list. This cannot be done over REST, but it is possible to delete the locally cached copy or the local CA´s copy of the CRL.
- RETURNS
- Nothing.
- NOTES
- Although this action always deletes the CRL from the specified terminus, it requires a dummy argument; this is a known bug.
- find - Retrieve the certificate revocation list.
- SYNOPSIS
- puppet certificate_revocation_list find [--terminus _TERMINUS] [--extra HASH] [key]
- DESCRIPTION
- Retrieve the certificate revocation list.
- RETURNS
- The certificate revocation list. When used from the Ruby API: returns an OpenSSL::X509::CRL object.
- NOTES
- Although this action always returns the CRL from the specified terminus.
- info - Print the default terminus class for this face.
- SYNOPSIS
- puppet certificate_revocation_list info [--terminus _TERMINUS] [--extra HASH]
- DESCRIPTION
- Prints the default terminus class for this subcommand. Note that different run modes may have different default termini; when in doubt, specify the run mode with the ´--run_mode´ option.
EXAMPLES¶
findRetrieve a copy of the puppet master´s CRL:
$ puppet certificate_revocation_list find --terminus rest
NOTES¶
This subcommand is an indirector face, which exposes find, search, save, and destroy actions for an indirected subsystem of Puppet. Valid termini for this face include:- ○
- ca
- ○
- disabled_ca
- ○
- file
- ○
- rest
COPYRIGHT AND LICENSE¶
Copyright 2011 by Puppet Inc. Apache 2 license; see COPYING| June 2019 | Puppet, Inc. |