This can all safely be ignored. A reboot of both the master and agent
servers was able to clear things up. I''m not sure if the times were
slightly off or something else, but rebooting took care of things.
Tom
On Tuesday, July 30, 2013 4:00:27 PM UTC-4, Tom Hanstra
wrote:>
> I''m attempting to run Puppet 3.2.3 on RHEL6 and am running into
key
> problems.
>
> The keys seem to be exchanged, or at least the puppet master receives the
> key from the client:
>
> lib_puppet2.library.nd.edu|root no_ora /var/lib/puppet 1029$ puppet cert
> list --all
> + "puptest1.library.nd.edu" (SHA256)
>
D4:3C:F5:4B:14:66:3C:97:55:3E:A1:F9:D7:88:13:78:A1:32:C7:B7:EB:9B:70:CA:73:BC:0E:13:47:D0:B6:B1
>
> But when I attempt to connect from the agent, I get what look to be key
> problems:
>
> puptest1.library.nd.edu|root no_ora ~ 639$ puppet agent --test
> Warning: Unable to fetch my node definition, but the agent run will
> continue:
> Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server
> certificate B: certificate verify failed: [certificate signature failure
> for /CN=lib_puppet2.library.nd.edu]
> Info: Retrieving plugin
> Error: Could not retrieve plugin: Parameter source failed on
> File[/var/lib/puppet/lib]: Could not understand source puppet://
> lib_puppet2.library.nd.edu/plugins: the scheme puppet does not accept
> registry part: lib_puppet2.library.nd.edu (or bad hostname?)
> Error: Could not retrieve catalog from remote server: SSL_connect
> returned=1 errno=0 state=SSLv3 read server certificate B: certificate
> verify failed: [certificate signature failure for /CN>
lib_puppet2.library.nd.edu]
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
> Error: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3
> read server certificate B: certificate verify failed: [certificate
> signature failure for /CN=lib_puppet2.library.nd.edu]
>
> I''ve cleared /var/lib/puppet/ssl numerous times on both sides but
every
> time I get back to this point.
>
> I''m open to any and all ideas. Does anyone have this working on
any RHEL6
> servers? I had no trouble with puppet 2.6 but am running into other
> problems there with older versions of puppet, so I wanted to get puppet3
> running. But I seem to have hit a wall.
>
> Thanks,
> Tom Hanstra
> hanstra@nd.edu
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.