I've just had 5 new servers provisioned to replace existing servers. The current servers are all setup web1.domain.com etc and use puppet to manage configuration. I want to setup the new servers to replace the old with the same hostnames, but it seems puppet has a problem with this as the private ssl keys differ between the 2 "web1" servers.

What is the easiest way to upgrade these hosts? The only way I can see at the moment is to remove /var/lib/puppet/ssl/ca/.pem on the server and add a new signing request from the new host. The old host will then not be able to connect to my puppetmaster.