search for: getcert

...et my first puppet installation up and running. (puppet-0.24.5, ruby-1.8.5) everything works as expected witch puppetmasterd + puppetd on the same machine. but i''ve problems connecting to the puppet-server from any client host. all i get is the error ------------ debug: Calling puppetca.getcert err: Could not call puppetca.getcert: #<Errno::EHOSTUNREACH: No route to host - connect(2)> err: Could not request certificate: Certificate retrieval failed: No route to host - connect(2) ------------ i tried the default ''bindaddress'' (0.0.0.0) and ''bindaddress = 1...

I testing Puppet 0.19.3. If we decide to use it, we''d deploy it across several thousand hosts. The method described for creating client certificates described in the documentation - running "puppetd --server <server> --waitforcert 60 --test" and "puppetca --sign <client>" - is not practical for our installation. I''ve tried creating

Hello, Puppet client is receiving the 500 error when trying to talk to the puppetmaster server. Apache error log on the server shows -> Could not prepare for execution: Got 1 failure(s) while initializing: change from absent to file failed: Could not set ''file on ensure: Permission denied - /var/lib/puppet/log/masterhttp.log Permissions on this file are open and the file is owned

...]/Settings[ssl]/File[/var/lib/ puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /Settings[/etc/puppet/puppet.conf]/Settings[puppetd]/File[/etc/ puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: Finishing transaction -607037388 with 0 changes debug: Calling puppetca.getcert warning: peer certificate won''t be verified in this SSL session /usr/lib/ruby/1.8/puppet/network/xmlrpc/client.rb:57:in `getcert'' /usr/lib/ruby/1.8/puppet/network/client/ca.rb:26:in `request_cert'' /usr/lib/ruby/1.8/puppet/executables/client/certhandler.rb:38:in `retrieve_...

...r: [root@host ~]# puppetd --server puppetmaster --waitforcert 50 --test info: Creating a new certificate request for host info: Creating a new SSL key at /var/lib/puppet/ssl/private_keys/ host.pem warning: peer certificate won''t be verified in this SSL session err: Could not call puppetca.getcert: #<Errno::ECONNRESET: Connection reset by peer> /usr/lib/ruby/site_ruby/1.8/puppet/network/client/ca.rb:31:in `request_cert'': Certificate retrieval failed: Connection reset by peer (Puppet::Error) from /usr/sbin/puppetd:356 I''m not sure what may be causing this, but...

...ssl/private_keys]: Autorequiring File[/etc/opt/csw/ puppet/ssl] debug: Finishing transaction 3282048 with 0 changes info: Creating a new certificate request for core4.adcom.uci.edu info: Creating a new SSL key at /etc//opt/csw/puppet/ssl/private_keys/ core4.adcom.uci.edu.pem debug: Calling puppetca.getcert warning: peer certificate won''t be verified in this SSL session notice: Did not receive certificate debug: Calling puppetca.getcert warning: Other end went away; restarting connection and retrying warning: peer certificate won''t be verified in this SSL session notice: Did not rece...

...e I then connect in via the client with /usr/bin/ruby /usr/sbin/puppetd --server=10.100.177.5--logdest=/var/log/puppet/puppet.log --waitforcert=500 --verbose In the master my first connect i see otice: Allowing unauthenticated client njrh-tch502.fxserver.com( 10.100.177.11) access to puppetca.getcert notice: Host njrh-tch502.fxserver.com has a waiting certificate request I sign the key.. I ctrl+c out of the client and re-run it on the client I see [root@njrh-tch502 ssl]# /usr/bin/ruby /usr/sbin/puppetd --server= 10.100.177.5 --logdest=/var/log/puppet/puppet.log --waitforcert=500 --verbose wa...

hello, so today i started setting up a puppet server and client and am already having a problem (even before i started). the client tries to talk to the server for the first time to get a certificate. debug: Calling puppetca.getcert that is what it says as last line on the client. tcpdump says there are four packages transmitted between the hosts.. all coming from the client and going to the server. no answer is made. the debug mode of the server does not show any reaction whatsoever. dns lookups of both client and server...

...oxy server is squid and I had to add the Puppet port to the "Safe_ports" ACL list and also allow usage of the "CONNECT" method for that port. However, when I attempt to use puppetd to attempt to connect for the first time I get the following error: err: Could not call puppetca.getcert: #<Net::HTTPServerException: 404 "Not Found"> err: Could not request certificate: Certificate retrieval failed: 404 "Not Found" The proxy is allowing the request through but I don''t understand why the Puppetmaster suddenly gives this error. When a machine connect...

...1]: Creating a new certificate request for ldap_db.foo.bar May 27 15:43:20 ldap_db puppetd[27001]: Creating a new SSL key at /etc/ puppet/ssl/private_keys/ldap_db.foo.bar.pem May 27 15:43:20 ldap_db puppetmasterd[26986]: Allowing unauthenticated client ldap_db.foo.bar(10.10.10.1) access to puppetca.getcert May 27 15:43:20 ldap_db puppetmasterd[26986]: Certificate request does not match existing certificate; run ''puppetca --clean ldap_db.foo.bar''. OK, # puppetca --clean ldap_db.foo.bar and restarting puppetd May 27 15:43:56 ldap_db puppetmasterd[26986]: Allowing unauthenticated cli...