zilchms
commented
1 year ago For anyone reading this: The problem with making the certs and keys exportable on node A and importable on node B is, that the resource might be declared on A but the cert generation is happening during the apply of the resource on node B. Therefore every node applying the same exported resource gets different results.
It would be nice if this module allows users to export signed certificates and import them on other hosts. For example: define and export a certificate on host1, then import and realize the certificate on host2 Right now the contents of the certificate are created life on the importing host (making the contents of the certificate different than they are on the exported host).
I have no idea if this is even possible. My guess is this would need some work in the cert/key providers, if this even at all possible in puppet.