Charlie Baum
2014-Apr-07 21:57 UTC
[Puppet Users] Windows puppet agent SSL cert revocation woes.
I have 8 or 9 Windows 2012 servers with latest puppet client 3.4.3. Out of those, 4 of them have experienced issues with the SSL cert. Here is what my event log contains: (each line is a different entry in the event log, all within about 1.5 seconds) *Unable to fetch my node definition, but the agent run will continue:* *SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked* */File[C:/ProgramData/PuppetLabs/puppet/var/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked* */File[C:/ProgramData/PuppetLabs/puppet/var/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked Could not retrieve file metadata for puppet://autopuppet.sys.comcast.net/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked* *Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked* This is very frustrating for a product I would like to put into production. I have searched and found resolutions to this issue, but can't find a discussion on the root cause. Is it a crappy Windows agent? Bug/issue on the puppet master side? How can I avoid this from happening all over my prod environment if I go that route? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/031c8459-ffdf-4cf0-b7f6-144d3aa43424%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.