Hi,
I just upgrade my puppet server from version 2.6.7 to 2.7.3 and now I
can''t connect new clients.
When trying to connect the clients I''m denied with the following error
message:
err: Could not request certificate: SSL_connect returned=1 errno=0
state=SSLv3 read server certificate B: certificate verify failed.
This is often because the time is out of sync on the server or client
Now I have been checking time settings on both servers and they are in
sync. (I syncronized them against the same ntp server.)
Then I checked the masterhttp.log and there is this:
[2011-08-24 12:46:37] ERROR OpenSSL::SSL::SSLError: SSL_accept
returned=1 errno=0 state=SSLv3 read client certificate A: tlsv1 alert
unknown ca
/usr/local/lib/ruby/site_ruby/1.9/puppet/network/http/webrick.rb:44:in
`accept''
/usr/local/lib/ruby/site_ruby/1.9/puppet/network/http/webrick.rb:44:in
`block (3 levels) in listen''
/usr/local/lib/ruby/1.9/webrick/server.rb:183:in `call''
/usr/local/lib/ruby/1.9/webrick/server.rb:183:in `block in
start_thread''
So. I decided to clear out the ssl directory and start over.
The local agents certificate is signed as it should and can connect
and apply the configuration.
On client that can''t connect I also tried to clear out the ssl
directory to make it create a new request but without any luck.
Does anyone have an idea for me how to get on?
Regards
/Martin
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
