Dear ALL. I am trying to generate the ca for my puppet client . But it showing the following error puppetd --server puppet --test --debug --no-daemonize warning: peer certificate won''t be verified in this SSL session err: Could not request certificate: Error 400 on SERVER: undefined method `info'' for nil:NilClass Exiting; failed to retrieve certificate and waitforcert is disabled puppetmaster FQDN checks is fine for puppetmaster and client . pinging perfectly. Please guide me to fix this problem . Regards CheBrian -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Hi, Verify that the server name you are using is correct (is it ''puppet'' or ''puppetmaster''?). Use the --waitforcert option when first signing. Verify that puppetmaster is running on the server. Verify that you can access port 8140 on the server from the client. Cheers, On 25/03/2011, at 22:30, CHEBRIAN <ksd.che@gmail.com> wrote:> Dear ALL. > > I am trying to generate the ca for my puppet client . > > But it showing the following error > > puppetd --server puppet --test --debug --no-daemonize > > warning: peer certificate won''t be verified in this SSL session > err: Could not request certificate: Error 400 on SERVER: undefined > method `info'' for nil:NilClass > Exiting; failed to retrieve certificate and waitforcert is disabled > > puppetmaster > > FQDN checks is fine for puppetmaster and client . pinging perfectly. > > Please guide me to fix this problem . > > Regards > CheBrian > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
KarthiKeyan. Kesavan
2011-Mar-26 12:43 UTC
Re: [Puppet Users] puppet certificate request error
hi, Thanks for your update . Server name is puppet and client name is client . I can do the telnet for server 8140 . even if i am using --waitforcert option i did nt get newly . Please share your suggestions . Cheers K.KarthiKeyan Hi,> > Verify that the server name you are using is correct (is it ''puppet'' or > ''puppetmaster''?). Use the --waitforcert option when first signing. > > Verify that puppetmaster is running on the server. Verify that you can > access port 8140 on the server from the client. > > Cheers, > > On 25/03/2011, at 22:30, CHEBRIAN <ksd.che@gmail.com> wrote: > > > Dear ALL. > > > > I am trying to generate the ca for my puppet client . > > > > But it showing the following error > > > > puppetd --server puppet --test --debug --no-daemonize > > > > warning: peer certificate won''t be verified in this SSL session > > err: Could not request certificate: Error 400 on SERVER: undefined > > method `info'' for nil:NilClass > > Exiting; failed to retrieve certificate and waitforcert is disabled > > > > puppetmaster > > > > FQDN checks is fine for puppetmaster and client . pinging perfectly. > > > > Please guide me to fix this problem . > > > > Regards > > CheBrian > > > > -- > > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Hi, Okay, start again then (assuming you are still testing out puppet). Remove the puppet ''ssl'' directory contents on the server and the client. Check your host clocks are in sync. Start the puppetmaster on the server with --no-daemonize --verbose That will generate the CA again for the server. On the client issue the following: puppetd --verbose --waitforcert 60 --server puppet.domain --noop If this still fails check the certname you are using in your certificates. openssl s_client -connect puppet:8140 Check the subject name is the same as the one you expect. You can specify the certname in your puppet client config. Cheers, On 26/03/2011, at 23:43, "KarthiKeyan. Kesavan" <ksd.che@gmail.com> wrote:> hi, > > Thanks for your update . > > Server name is puppet and client name is client . > > I can do the telnet for server 8140 . even if i am using --waitforcert option i did nt get newly . > > Please share your suggestions . > > Cheers > > K.KarthiKeyan > > > > Hi, > > Verify that the server name you are using is correct (is it ''puppet'' or ''puppetmaster''?). Use the --waitforcert option when first signing. > > Verify that puppetmaster is running on the server. Verify that you can access port 8140 on the server from the client. > > Cheers, > > On 25/03/2011, at 22:30, CHEBRIAN <ksd.che@gmail.com> wrote: > > > Dear ALL. > > > > I am trying to generate the ca for my puppet client . > > > > But it showing the following error > > > > puppetd --server puppet --test --debug --no-daemonize > > > > warning: peer certificate won''t be verified in this SSL session > > err: Could not request certificate: Error 400 on SERVER: undefined > > method `info'' for nil:NilClass > > Exiting; failed to retrieve certificate and waitforcert is disabled > > > > puppetmaster > > > > FQDN checks is fine for puppetmaster and client . pinging perfectly. > > > > Please guide me to fix this problem . > > > > Regards > > CheBrian > > > > -- > > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > > > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. > > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
KarthiKeyan. Kesavan
2011-Mar-28 17:52 UTC
Re: [Puppet Users] puppet certificate request error
HI, Thanks a lot . I followed your steps and revoke the cert for the client . now its working fine . Thanks a lot . Regards K.KarthiKeyan On Sun, Mar 27, 2011 at 5:04 AM, Denmat <tu2bgone@gmail.com> wrote:> Hi, > > Okay, start again then (assuming you are still testing out puppet). > > Remove the puppet ''ssl'' directory contents on the server and the client. > Check your host clocks are in sync. > Start the puppetmaster on the server with --no-daemonize --verbose > > That will generate the CA again for the server. > > On the client issue the following: > puppetd --verbose --waitforcert 60 --server puppet.domain --noop > > If this still fails check the certname you are using in your certificates. > > openssl s_client -connect puppet:8140 > > Check the subject name is the same as the one you expect. You can specify > the certname in your puppet client config. > > Cheers, > > On 26/03/2011, at 23:43, "KarthiKeyan. Kesavan" < <ksd.che@gmail.com> > ksd.che@gmail.com> wrote: > > hi, > > Thanks for your update . > > Server name is puppet and client name is client . > > I can do the telnet for server 8140 . even if i am using --waitforcert > option i did nt get newly . > > Please share your suggestions . > > Cheers > > K.KarthiKeyan > > > > Hi, >> >> Verify that the server name you are using is correct (is it ''puppet'' or >> ''puppetmaster''?). Use the --waitforcert option when first signing. >> >> Verify that puppetmaster is running on the server. Verify that you can >> access port 8140 on the server from the client. >> >> Cheers, >> >> On 25/03/2011, at 22:30, CHEBRIAN < <ksd.che@gmail.com><ksd.che@gmail.com> >> ksd.che@gmail.com> wrote: >> >> > Dear ALL. >> > >> > I am trying to generate the ca for my puppet client . >> > >> > But it showing the following error >> > >> > puppetd --server puppet --test --debug --no-daemonize >> > >> > warning: peer certificate won''t be verified in this SSL session >> > err: Could not request certificate: Error 400 on SERVER: undefined >> > method `info'' for nil:NilClass >> > Exiting; failed to retrieve certificate and waitforcert is disabled >> > >> > puppetmaster >> > >> > FQDN checks is fine for puppetmaster and client . pinging perfectly. >> > >> > Please guide me to fix this problem . >> > >> > Regards >> > CheBrian >> > >> > -- >> > You received this message because you are subscribed to the Google >> Groups "Puppet Users" group. >> > To post to this group, send email to <puppet-users@googlegroups.com><puppet-users@googlegroups.com> >> puppet-users@googlegroups.com. >> > To unsubscribe from this group, send email to >> <puppet-users%2Bunsubscribe@googlegroups.com><puppet-users+unsubscribe@googlegroups.com> >> puppet-users+unsubscribe@googlegroups.com. >> > For more options, visit this group at >> <http://groups.google.com/group/puppet-users?hl=en><http://groups.google.com/group/puppet-users?hl=en> >> http://groups.google.com/group/puppet-users?hl=en. >> > >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to <puppet-users@googlegroups.com><puppet-users@googlegroups.com> >> puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> <puppet-users%2Bunsubscribe@googlegroups.com><puppet-users+unsubscribe@googlegroups.com> >> puppet-users+unsubscribe@googlegroups.com. >> For more options, visit this group at >> <http://groups.google.com/group/puppet-users?hl=en><http://groups.google.com/group/puppet-users?hl=en> >> http://groups.google.com/group/puppet-users?hl=en. >> >> > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to <puppet-users@googlegroups.com> > puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > <puppet-users+unsubscribe@googlegroups.com> > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > <http://groups.google.com/group/puppet-users?hl=en> > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscribe@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.