Setup Puppet Certs Task -- Doubt clearance

Hi Team,

I had the following task:

The Nautilus DevOps team has set up a puppet master and an agent node in Stratos Datacenter. Puppet master is running on jump host itself (also note that Puppet master node is also running as Puppet CA server) and Puppet agent is running on App Server 3. Since it is a fresh set up, the team wants to sign certificates for puppet master as well as puppet agent nodes so that they can proceed with the next steps of set up. You can find more details about the task below:

Puppet server and agent nodes are already have required packages, but you may need to start puppetserver (on master) and puppet service on both nodes.

Assign and sign certificates for both master and agent node.

I did all the required configurations in puppet.conf with the Jump server FQDN. But this configuration was not working until I added PUPPET in /etc/hosts as alias for Jump server.

My question is why we need to add puppet as alias, why jump fqdn do not work in this case. Also there was ssl ca .pem key which pointed to jump_host fqdn, what it is for?

Thanks in advance.

Regards,
Mayank Agrawal