Dmytro Bablinyuk
2010-Dec-14 06:16 UTC
[Puppet Users] Hostname was not match with the server certificate
Hi Everybody, I have 2 machines, one that running puppetmasterd and another one that running client. Both run Ubuntu. First I installed 2.25.4 (I think) version and then I have upgraded Puppet to 2.6.4 Server does not have any DNS entry, so I am trying to use IP address for the client to connect. Client generates some certificate error. root@puppet-client-ubuntu:~# puppetd --server 172.16.48.105 -- waitforcert 60 --test info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using ''eval_generate'': hostname was not match with the server certificate err: /File[/var/lib/puppet/lib]: Could not evaluate: hostname was not match with the server certificate Could not retrieve file metadata for puppet://172.16.48.105/plugins: hostname was not match with the server certificate err: Could not retrieve catalog from remote server: hostname was not match with the server certificate warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run root@puppet-client-ubuntu:~# puppet --version 2.6.4 I am very new to Puppet and most likely I am missing something very simple. Any help greatly appreciated Thank you very much Dmytro -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Nan Liu
2010-Dec-14 07:17 UTC
Re: [Puppet Users] Hostname was not match with the server certificate
On Mon, Dec 13, 2010 at 11:16 PM, Dmytro Bablinyuk <bablinyuk@gmail.com> wrote:> Hi Everybody, > > I have 2 machines, one that running puppetmasterd and another one that > running client. > Both run Ubuntu. > > First I installed 2.25.4 (I think) version and then I have upgraded > Puppet to 2.6.4 > > Server does not have any DNS entry, so I am trying to use IP address > for the client to connect. Client generates some certificate error. > > root@puppet-client-ubuntu:~# puppetd --server 172.16.48.105 -- > waitforcert 60 --test > info: Retrieving plugin > err: /File[/var/lib/puppet/lib]: Failed to generate additional > resources using ''eval_generate'': hostname was not match with the > server certificate > err: /File[/var/lib/puppet/lib]: Could not evaluate: hostname was not > match with the server certificate Could not retrieve file metadata for > puppet://172.16.48.105/plugins: hostname was not match with the server > certificate > err: Could not retrieve catalog from remote server: hostname was not > match with the server certificate > warning: Not using cache on failed catalog > err: Could not retrieve catalog; skipping run > > root@puppet-client-ubuntu:~# puppet --version > 2.6.4 > > I am very new to Puppet and most likely I am missing something very > simple.The hostname 172.16.48.105 used in --server option does not match the CN or Subject Alternative Name presented in the certificate. If you are using defaults, add an entry in /etc/hosts for puppet to 172.16.48.105 and connect without the --server option (server hostname puppet is used by default). I recommend reading Bruce''s blog entry for more details: http://www.masterzen.fr/2010/11/14/puppet-ssl-explained/ Thanks, Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Dmytro Bablinyuk
2010-Dec-14 22:15 UTC
[Puppet Users] Re: Hostname was not match with the server certificate
Thank you very much! It worked! On Dec 14, 6:17 pm, Nan Liu <n...@puppetlabs.com> wrote:> On Mon, Dec 13, 2010 at 11:16 PM, Dmytro Bablinyuk <bablin...@gmail.com> wrote: > > Hi Everybody, > > > I have 2 machines, one that running puppetmasterd and another one that > > running client. > > Both run Ubuntu. > > > First I installed 2.25.4 (I think) version and then I have upgraded > > Puppet to 2.6.4 > > > Server does not have any DNS entry, so I am trying to use IP address > > for the client to connect. Client generates some certificate error. > > > root@puppet-client-ubuntu:~# puppetd --server 172.16.48.105 -- > > waitforcert 60 --test > > info: Retrieving plugin > > err: /File[/var/lib/puppet/lib]: Failed to generate additional > > resources using ''eval_generate'': hostname was not match with the > > server certificate > > err: /File[/var/lib/puppet/lib]: Could not evaluate: hostname was not > > match with the server certificate Could not retrieve file metadata for > > puppet://172.16.48.105/plugins: hostname was not match with the server > > certificate > > err: Could not retrieve catalog from remote server: hostname was not > > match with the server certificate > > warning: Not using cache on failed catalog > > err: Could not retrieve catalog; skipping run > > > root@puppet-client-ubuntu:~# puppet --version > > 2.6.4 > > > I am very new to Puppet and most likely I am missing something very > > simple. > > The hostname 172.16.48.105 used in --server option does not match the > CN or Subject Alternative Name presented in the certificate. > > If you are using defaults, add an entry in /etc/hosts for puppet to > 172.16.48.105 and connect without the --server option (server hostname > puppet is used by default). > > I recommend reading Bruce''s blog entry for more details:http://www.masterzen.fr/2010/11/14/puppet-ssl-explained/ > > Thanks, > > Nan-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.