PeterNSteinmetz
2012-Apr-24 05:13 UTC
[Puppet Users] read server certificate B: certificate verify failed error is driving people crazy
It seems like there must be a better way of dealing with these errors in a puppermaster-agent setup. I currently have one master and one agent that work, running on ubuntu 10.10 (maverick meerkat server). On another machine, same os and hardware, I try installing with the same steps and when I run sudo puppet agent --test --verbose --debug --server <serverhostname>, it is constantly hitting: read server certificate B: certificate verify failed I tried all sorts of solutions to this. Cleaning every trace of puppet on the non-working agent, then reinstalling it and trying again. Checked that times agreed and that certificates appeared valid at the given times. The only thing which finally worked was completely wiping both the master and the agent nodes, then reinstalling and starting them up gingerly. I think the problem with this error message is that it is somewhat obtuse, and occurs in far too many cases. It also appears the system with certificates is fragile. Some of the items which may be messing up the certificate chain and ability to straighten it out are: 1. If an agent is running, then running a one-shot puppet agent --test to try and figure out what is happening. Perhaps there needs to be a lock check here even if a user is running puppet agent off the command line if only one agent can run at a time. 2. If the server name is something like rm16 and there is a CNAME from puppet to rm16, is the system still generating proper certificate names for all checks that will be executed? To make the system run and install I''ve had to first set servname=rm16 in the puppet.conf before starting up the agent. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Possibly Parallel Threads
- No subject
- trying to chainload the normal ubuntu pxe installer
- Puppet ssl errors " SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"
- Machine learning teaching for Data Science Retreat
- Secret of Monkey Island SE, steam on wine, crashes on start