(puppet 0.25.4) I make the client request for a certificate: $ puppetd -t --waitforcert 30 And expect the ca server to have the client''s FQDN listed: $ puppetca --list [none listed] There''s also nothing under the certificate_requests directory: $ ls /var/lib/puppet/ssl/certificate_requests/ I check where the ca server and puppetmaster looks for certs: $ puppetca --configprint ssldir /var/lib/puppet/ssl $ puppetmasterd --configprint ssldir /var/lib/puppet/ssl Attempting to sign the cert for my puppet client anyway (will fail): $ puppetca --sign chowchow.p3.sc.verticalresponse.com chowchow.p3.sc.verticalresponse.com err: Could not call sign: Could not find certificate request for chowchow.p3.sc.verticalresponse.com Any ideas why? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Charles Johnson
2010-Jun-11 21:09 UTC
Re: [Puppet Users] unable to sign certificate for client
On the client, what is the output if you do puppetd --test --debug ~Charles~ On Fri, Jun 11, 2010 at 2:18 PM, jg <jurisgalang@gmail.com> wrote:> (puppet 0.25.4) > > I make the client request for a certificate: > > $ puppetd -t --waitforcert 30 > > And expect the ca server to have the client''s FQDN listed: > > $ puppetca --list > [none listed] > > There''s also nothing under the certificate_requests directory: > > $ ls /var/lib/puppet/ssl/certificate_requests/ > > > I check where the ca server and puppetmaster looks for certs: > > $ puppetca --configprint ssldir > /var/lib/puppet/ssl > > $ puppetmasterd --configprint ssldir > /var/lib/puppet/ssl > > Attempting to sign the cert for my puppet client anyway (will fail): > > $ puppetca --sign chowchow.p3.sc.verticalresponse.com > chowchow.p3.sc.verticalresponse.com > err: Could not call sign: Could not find certificate request for > chowchow.p3.sc.verticalresponse.com > > Any ideas why? > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com<puppet-users%2Bunsubscribe@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.