Facter / FACT-2944

During Puppet 7 upgrade from Puppet 6, Puppet Server creates another certname


Details

    • Bug
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • None
    • FACT 4.0.52
    • None
    • Ghost
    • 3
    • ghost-10.03.2021
    • Needs Assessment
    • Bug Fix
    • Description of the problem: Facter fails to retrieve the domain using JRuby because the Socket.getaddrinfo call fails.
      Description of the fix: On Linux, if any of the Socket method calls fail, try to retrieve information using FFI methods (as described in the diagram below).
    • Needs Assessment

    Description

      Puppet Version: 7.4.0
      Puppet Server Version: 7.0.3
      OS Name/Version: Debian Buster 10.8

      Starting with a Puppet 6 platform installed on Debian Buster 10.8 from the official Puppetlabs packages (using https://apt.puppetlabs.com/).

      Here is how I upgrade to Puppet 7 (take a close look at the output of 'puppetserver ca list --all' before the upgrade and after).

      root@puppetdev:~# cat /etc/puppetlabs/puppet/puppet.conf 
      # This file can be used to override the default puppet settings.
      # See the following links for more details on what settings are available:
      # - https://puppet.com/docs/puppet/latest/config_important_settings.html
      # - https://puppet.com/docs/puppet/latest/config_about_settings.html
      # - https://puppet.com/docs/puppet/latest/config_file_main.html
      # - https://puppet.com/docs/puppet/latest/configuration.html
      [server]
      vardir = /opt/puppetlabs/server/data/puppetserver
      logdir = /var/log/puppetlabs/puppetserver
      rundir = /var/run/puppetlabs/puppetserver
      pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
      codedir = /srv/puppet/code
      storeconfigs=true
      storeconfigs_backend=puppetdb
      reports=store,puppetdb
      dns_alt_names=puppetdev.example.org,puppetdev
      [main]
      strict_variables=true
      [agent]
      environment=development
      server=puppetdev.example.org
      root@puppetdev:~# hostname
      puppetdev
      root@puppetdev:~# hostname -f
      puppetdev.example.org
      root@puppetdev:~# puppetserver ca list --all
      Signed Certificates:
          puppetagent1.example.org       (SHA256)  7E:E6:DF:B0:83:B7:36:C2:F1:4E:D8:33:31:74:75:A4:EE:58:C9:0D:A2:78:AC:D9:D4:04:1D:8A:AA:00:9B:19
          puppetagent2.example.org       (SHA256)  09:EB:01:B7:41:5F:6B:18:DC:25:B5:13:6A:F7:4B:34:66:E0:81:49:6F:25:9B:EC:5F:1B:09:21:EE:1E:27:F0
          puppetdev.example.org          (SHA256)  E4:6D:7F:84:71:D8:74:15:ED:1E:F7:79:D8:A5:A4:93:B6:A2:5A:52:1C:B6:08:34:D4:88:32:C2:99:CD:87:20	alt names: ["DNS:puppetdev.example.org", "DNS:puppetdev", "DNS:puppetdev.example.org"]	authorization extensions: [pp_cli_auth: true]
      root@puppetdev:~# ls -1 /etc/puppetlabs/puppet/ssl/*/puppetdev*.pem
      /etc/puppetlabs/puppet/ssl/certs/puppetdev.example.org.pem
      /etc/puppetlabs/puppet/ssl/private_keys/puppetdev.example.org.pem
      /etc/puppetlabs/puppet/ssl/public_keys/puppetdev.example.org.pem
      root@puppetdev:~# puppet --version
      6.21.0
      root@puppetdev:~# wget https://apt.puppetlabs.com/puppet7-release-buster.deb
      root@puppetdev:~# apt install ./puppet7-release-buster.deb 
      root@puppetdev:~# apt update;apt full-upgrade
      root@puppetdev:~# puppet --version
      7.4.0
      root@puppetdev:~# puppetserver ca list --all
      The cadir is currently configured to be inside the /etc/puppetlabs/puppet/ssl directory. This config setting and the directory location will not be used in a future version of puppet. Please run the puppetserver ca tool to migrate out from the puppet confdir to the /etc/puppetlabs/puppetserver/ca directory. Use `puppetserver ca migrate --help` for more info.
      Signed Certificates:
          puppetagent1.example.org       (SHA256)  7E:E6:DF:B0:83:B7:36:C2:F1:4E:D8:33:31:74:75:A4:EE:58:C9:0D:A2:78:AC:D9:D4:04:1D:8A:AA:00:9B:19
          puppetagent2.example.org       (SHA256)  09:EB:01:B7:41:5F:6B:18:DC:25:B5:13:6A:F7:4B:34:66:E0:81:49:6F:25:9B:EC:5F:1B:09:21:EE:1E:27:F0
          puppetdev                      (SHA256)  46:3C:3C:0D:CD:5A:36:81:38:97:17:E9:58:AF:74:B7:94:20:A4:F2:F3:8B:55:87:64:B0:12:28:3D:D1:C5:32	alt names: ["DNS:puppetdev.example.org", "DNS:puppetdev", "DNS:puppetdev"]	authorization extensions: [pp_cli_auth: true]
          puppetdev.example.org          (SHA256)  E4:6D:7F:84:71:D8:74:15:ED:1E:F7:79:D8:A5:A4:93:B6:A2:5A:52:1C:B6:08:34:D4:88:32:C2:99:CD:87:20	alt names: ["DNS:puppetdev.example.org", "DNS:puppetdev", "DNS:puppetdev.example.org"]	authorization extensions: [pp_cli_auth: true]
      root@puppetdev:~# ls -1 /etc/puppetlabs/puppet/ssl/*/puppetdev*.pem
      /etc/puppetlabs/puppet/ssl/certs/puppetdev.example.org.pem
      /etc/puppetlabs/puppet/ssl/certs/puppetdev.pem
      /etc/puppetlabs/puppet/ssl/private_keys/puppetdev.example.org.pem
      /etc/puppetlabs/puppet/ssl/private_keys/puppetdev.pem
      /etc/puppetlabs/puppet/ssl/public_keys/puppetdev.example.org.pem
      /etc/puppetlabs/puppet/ssl/public_keys/puppetdev.pem
      

       

      Desired Behavior:
      After the upgrade to Puppet 7, the command 'puppetserver ca list --all' output should be identical to the output before the upgrade.

      Actual Behavior:
      After the upgrade to Puppet 7, the command 'puppetserver ca list --all' output now shows a 4th node with certname 'puppetdev'.

      If you remove this certificate, it is recreated when Puppet Server starts:

      root@puppetdev:~# puppet node clean puppetdev
      Notice: Revoked certificate for puppetdev
      Notice: Cleaned files related to puppetdev
      puppetdev
      root@puppetdev:~# systemctl stop puppetserver.service 
      root@puppetdev:~# rm /etc/puppetlabs/puppet/ssl/*/puppetdev.pem
      root@puppetdev:~# systemctl start puppetserver.service 
      root@puppetdev:~# ls /etc/puppetlabs/puppet/ssl/*/puppetdev*.pem
      /etc/puppetlabs/puppet/ssl/certs/puppetdev.example.org.pem  /etc/puppetlabs/puppet/ssl/private_keys/puppetdev.example.org.pem  /etc/puppetlabs/puppet/ssl/public_keys/puppetdev.example.org.pem
      /etc/puppetlabs/puppet/ssl/certs/puppetdev.pem		    /etc/puppetlabs/puppet/ssl/private_keys/puppetdev.pem	       /etc/puppetlabs/puppet/ssl/public_keys/puppetdev.pem
      root@puppetdev:~# puppetserver ca list --all
      Signed Certificates:
          puppetagent1.example.org       (SHA256)  7E:E6:DF:B0:83:B7:36:C2:F1:4E:D8:33:31:74:75:A4:EE:58:C9:0D:A2:78:AC:D9:D4:04:1D:8A:AA:00:9B:19
          puppetagent2.example.org       (SHA256)  09:EB:01:B7:41:5F:6B:18:DC:25:B5:13:6A:F7:4B:34:66:E0:81:49:6F:25:9B:EC:5F:1B:09:21:EE:1E:27:F0
          puppetdev                      (SHA256)  27:67:97:4A:B1:B9:99:AF:14:2F:28:37:72:06:E8:B7:C5:E1:64:EF:0A:DE:F7:2D:21:83:5E:89:70:F6:42:B4	alt names: ["DNS:puppetdev.example.org", "DNS:puppetdev", "DNS:puppetdev"]	authorization extensions: [pp_cli_auth: true]
          puppetdev.example.org          (SHA256)  E4:6D:7F:84:71:D8:74:15:ED:1E:F7:79:D8:A5:A4:93:B6:A2:5A:52:1C:B6:08:34:D4:88:32:C2:99:CD:87:20	alt names: ["DNS:puppetdev.example.org", "DNS:puppetdev", "DNS:puppetdev.example.org"]	authorization extensions: [pp_cli_auth: true]
      root@puppetdev:~# ls -1 /etc/puppetlabs/puppet/ssl/*/puppetdev*.pem
      /etc/puppetlabs/puppet/ssl/certs/puppetdev.example.org.pem
      /etc/puppetlabs/puppet/ssl/certs/puppetdev.pem
      /etc/puppetlabs/puppet/ssl/private_keys/puppetdev.example.org.pem
      /etc/puppetlabs/puppet/ssl/private_keys/puppetdev.pem
      /etc/puppetlabs/puppet/ssl/public_keys/puppetdev.example.org.pem
      /etc/puppetlabs/puppet/ssl/public_keys/puppetdev.pem
      

      I never encountered this behavior with Puppet 6.

      I managed to reproduce this behavior reliably on a test server when upgrading from Puppet 6 to Puppet 7.
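
A check for the symptom reported above, as an added example that is not part of the original report or of Puppet's own code: it parses `puppetserver ca list --all` output and flags a signed short-hostname certificate whose alt names include an FQDN certname that is also signed. The sample listing is constructed from the post-upgrade output above, with shortened placeholder fingerprints; the struct, constant and method names are hypothetical.

```ruby
# Added example (not Puppet code). SAMPLE is constructed, modeled on the
# post-upgrade listing in this report, with shortened placeholder fingerprints.
SAMPLE = <<~LIST
  Signed Certificates:
      puppetagent1.example.org       (SHA256)  7E:E6:DF:B0
      puppetagent2.example.org       (SHA256)  09:EB:01:B7
      puppetdev                      (SHA256)  46:3C:3C:0D\talt names: ["DNS:puppetdev.example.org", "DNS:puppetdev", "DNS:puppetdev"]\tauthorization extensions: [pp_cli_auth: true]
      puppetdev.example.org          (SHA256)  E4:6D:7F:84\talt names: ["DNS:puppetdev.example.org", "DNS:puppetdev", "DNS:puppetdev.example.org"]\tauthorization extensions: [pp_cli_auth: true]
LIST

Entry = Struct.new(:certname, :fingerprint, :alt_names, :cli_auth)
ENTRY_RE = /\A\s+(\S+)\s+\(SHA256\)\s+([0-9A-F:]+)(.*)\z/

# Return one Entry per certificate listed under "Signed Certificates:".
# Banner and warning lines, and any other "<X> Certificates:" section, are skipped.
def parse_ca_list(text)
  section = nil
  text.each_line.with_object([]) do |line, out|
    if (header = line[/\A(\w+) Certificates:/, 1])
      section = header
    elsif section == 'Signed' && (m = ENTRY_RE.match(line.chomp))
      alts = m[3][/alt names: \[(.*?)\]/, 1].to_s.scan(/"DNS:([^"]+)"/).flatten.uniq
      out << Entry.new(m[1], m[2], alts, m[3].include?('pp_cli_auth: true'))
    end
  end
end

# A "shadow" identity: certname X is signed, certname "X.<domain>" is also
# signed, and X's certificate lists that FQDN among its alt names, so both
# certificates (and both private keys on disk) speak for the same host.
def shadow_identities(entries)
  entries.permutation(2).select do |short, fqdn|
    fqdn.certname.start_with?("#{short.certname}.") &&
      short.alt_names.include?(fqdn.certname)
  end.map do |short, fqdn|
    { short: short.certname, fqdn: fqdn.certname, cli_auth: short.cli_auth }
  end
end

if __FILE__ == $PROGRAM_NAME
  shadow_identities(parse_ca_list(SAMPLE)).each do |f|
    puts "duplicate identity: #{f[:short]} shadows #{f[:fqdn]} (pp_cli_auth=#{f[:cli_auth]})"
  end
end
```

To audit a live server, pass the captured output of `puppetserver ca list --all` to `parse_ca_list` in place of `SAMPLE`.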

       

          People

            oana.tanasoiu Oana Tanasoiu
            FredL Frédéric Lespez