I kept getting the hostname not match error:- err: Could not retrieve catalog from remote server: hostname not match with the server certificate I found lots of references which suggested the problem could be to do with the mismatch of hostnames, because the puppet master and puppet client are on completely different domains. http://groups.google.com/group/puppet-users/browse_thread/thread/6a3c3dbe91a72c86/48164bdd904f05a1?lnk=gst&q=Re%3A+[Puppet+Users]+Hostname+was+not+a+match+with+the+server+certificate+--+Arrgh!+# suggested I needed puppet.<domain> DNS entries in the server, certificate, so I tried re-generating the server certificate with certdnsname=puppet.toycollector.com:puppet.themartingale.com but I still I got the same error on the client I finally solved the problem. I was identifying the server, to the client using --fqdn=<client name>.<client domain> --server=<ip>, and thinking the problem was to do with the cert not being identified as puppet.<client domain>. The client FQDN is irrelevant, and the problem was the --server=<ip> statment. Whatever you use in the --server=<server> statement, be it DNSname or IP, it has to be listed in the server''s certificate, so if you intend to use --server=<ip> then you need to add that ip to the certdnsname parameter. Hopefully this will save someone the time I spent working it out. Simon -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.