Puppet users - Mar 2012 - puppetca trouble (The certificate retrieved from the master does not match the agent's private key)

Hi @all,

i have a foreman-proxy server, build from scratch, works fine and i can 
build unattended hosts.

I don''t want to configure all my foreman-proxys manually, so i build
them
in puppet, and only setup the OS (SL) and basic puppet config  manually.

I can run the puppet configuration sucsessfully, my config is exactly what 
i want, but i am unable to build unattended hosts anymore, i get an error 
in the foreman-proxy log:(i can reproduce this with the command)

sudo -u foreman-proxy /usr/bin/sudo /usr/sbin/puppetca --clean
The certificate retrieved from the master does not match the agent''s 
private key.
Certificate fingerprint: D1:B4:88:24:24:31:FA:13:90:FA:1F:8A:CB:BF:2D:AB
To fix this, remove the certificate from both the master and the agent and 
then start a puppet run, which will automatically regenerate a certficate.
On the master:
  puppet cert clean foreman-proxy.example.com
On the agent:
  rm -f /var/lib/puppet/ssl/certs/foreman-proxy.example.com.pem
  puppet agent -t

i have tried the suggested solution, but i have no success. 
The normal puppet run works without Problems

any idea?


rgds flo


-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/5A8PTg0YwDcJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.