From 6ab1bcf196003009076eef981051ea54ea6c45e4 Mon Sep 17 00:00:00 2001 From: Frank Wall Date: Wed, 1 Dec 2021 17:13:37 +0100 Subject: [PATCH] document a known issue when rebuilding nodes, refs #6 --- README.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/README.md b/README.md index 749943e..e543b6d 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,7 @@ 1. [Limitations](#limitations) * [Requires multiple Puppet runs](#requires-multiple-puppet-runs) * [HTTP-01 challenge type untested](#http-01-challenge-type-untested) + * [Rebuilding nodes](#rebuilding-nodes) * [OS Compatibility](#os-compatibility) 1. [Development](#development) 1. [Fork](#fork) @@ -394,6 +395,24 @@ The HTTP-01 challenge type is theoretically supported, but it is untested with t Some additional parameters may be missing. Feel free to report issues or suggest enhancements. +### Rebuilding nodes + +When rebuilding or reinstalling an existing node, the module will be unable to +create new or update existing certificates for this node. Instead a key mismatch +will occur, because an entirely new private key will be created on the node. + +There is currently no way to fix this (#6) automatically. + +The old files can be manually cleaned on the Puppet Server by running something +like this: + +``` +find /etc/acme.sh -name '*NODENAME*' -type f -delete +``` + +Besides that it may also be necessary to purge the old PuppetDB contents for this +node. + ### OS Compatibility This module was tested on CentOS/RedHat, Ubuntu/Debian and FreeBSD. Please open a new
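Review bot: In the new "Rebuilding nodes" section of README.md, the cleanup command `find /etc/acme.sh -name '*NODENAME*' -type f -delete` matches NODENAME as a substring, so a short name such as web1 would also delete the files of web10 or of any other node whose name contains it. Suggest telling the reader to substitute the node's full name, to keep the pattern as narrow as the file naming allows, and to run the same command with `-print` in place of `-delete` first to review the matches. The closing sentence about purging the old PuppetDB contents gives no command or pointer. Naming the exact step there would make the procedure repeatable.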