thr3ads.net - Puppet users - [Puppet Users] Re: Unable to run puppet with apache + passenger(solved) [Jun 2012]

If this information is useful, please help other people find it:
Share via:
ankush grover
2012-Jun-08 11:35 UTC
[Puppet Users] Re: Unable to run puppet with apache + passenger(solved)

Adding puppet in /etc/hosts solved the problem

172.31.0.92 ezepuppet.synapse.ar.pem puppet

On Fri, Jun 8, 2012 at 2:10 PM, ankush grover <ankushcentos@gmail.com>
wrote:> Hi Friends,
>
> I am trying to run puppet with apache on Centos 6.2. 64-bit (with
> selinux off) but it seems apache is refusing to read the pem file of
> puppet. Below are the errors I am getting in the apache logs.
> Puppetmaster is working fine without Apache. The same setup is working
> fine with (Puppet + Apache) in another office . What could be the
> problem that apache is not able to read the files.
>
>
> Fri Jun 08 02:06:37 2012] [error] Init: Unable to read server
> certificate from file
> /var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
> [Fri Jun 08 02:06:37 2012] [error] SSL Library Error: 218529960
> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> [Fri Jun 08 02:06:37 2012] [error] SSL Library Error: 218595386
> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
> error
> [Fri Jun 08 02:06:40 2012] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jun 08 02:06:40 2012] [error] Init: Unable to read server
> certificate from file
> /var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
> [Fri Jun 08 02:06:40 2012] [error] SSL Library Error: 218529960
> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> [Fri Jun 08 02:06:40 2012] [error] SSL Library Error: 218595386
> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
> error
> [Fri Jun 08 02:06:53 2012] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jun 08 02:06:53 2012] [error] Init: Unable to read server
> certificate from file
> /var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
> [Fri Jun 08 02:06:53 2012] [error] SSL Library Error: 218529960
> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> [Fri Jun 08 02:06:53 2012] [error] SSL Library Error: 218595386
> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
> error
> [Fri Jun 08 02:21:12 2012] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jun 08 02:21:12 2012] [error] Init: Unable to read server
> certificate from file
> /var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
> [Fri Jun 08 02:21:12 2012] [error] SSL Library Error: 218529960
> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> [Fri Jun 08 02:21:12 2012] [error] SSL Library Error: 218595386
> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
> error
> [Fri Jun 08 02:27:26 2012] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jun 08 02:27:26 2012] [error] Init: Unable to read server
> certificate from file
> /var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
> [Fri Jun 08 02:27:26 2012] [error] SSL Library Error: 218529960
> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> [Fri Jun 08 02:27:26 2012] [error] SSL Library Error: 218595386
> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
> error
> [Fri Jun 08 02:31:06 2012] [notice] suEXEC mechanism enabled (wrapper:
> /usr/sbin/suexec)
> [Fri Jun 08 02:31:06 2012] [error] Init: Unable to read server
> certificate from file
> /var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
> [Fri Jun 08 02:31:06 2012] [error] SSL Library Error: 218529960
> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> [Fri Jun 08 02:31:06 2012] [error] SSL Library Error: 218595386
> error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
> error
> ^C
>
>
> puppet.conf
>
> Listen 8140
> <VirtualHost *:8140>
>    SSLEngine on
>    SSLProtocol -ALL +SSLv3 +TLSv1
>    SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
>    SSLCertificateKeyFile
> /var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
>    SSLCertificateFile
/var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
>    SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
>    SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
>    # If Apache complains about invalid signatures on the CRL, you can
> try disabling
>    # CRL checking by commenting the next line, but this is not recommended.
>    # SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
>    # Set to require if this puppetmaster doesn''t issue
certificates
>    # to puppet clients.
>    # NB: this requires SSLCACertificateFile to include the CA cert
>    SSLVerifyClient optional
>    SSLVerifyDepth 1
>    SSLOptions +StdEnvVars
>
>    # Passenger options that can be set in a virtual host
>    # configuration block.
>    PassengerHighPerformance on
>    PassengerStatThrottleRate 120
>    PassengerUseGlobalQueue on
>    RackAutoDetect Off
>    RailsAutoDetect Off
>    RackBaseURI /
>   PassengerMaxRequests 10000
>    DocumentRoot /etc/puppet/rack/public
>
>
>    <Directory /etc/puppet/rack/>
>        Options None
>        AllowOverride None
>        Order allow,deny
>        Allow from all
>    </Directory>
> </VirtualHost>
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Puppet users - Jun 2012 - Re: Unable to run puppet with apache + passenger(solved)

[Puppet Users] Re: Unable to run puppet with apache + passenger(solved)
