search for: puppet_ca

I have a puppet master that I had recently split into two, one handling just CA functionality and one handling the normal puppet master operations. puppet_ca puppet_master Otherwise, both are configured identically as follows: 1) The modules are stored into separate environments under /etc/puppet/environments: /etc/puppet/environments/foo/modules /etc/puppet/environments/bar/modules /etc/puppet/environments/baz/modules 2) The manifests are split...

...irtual-host.conf file should look for my second puppet-master2.test.net. Here is mine: LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.18/ext/apache2/mod_passenger.so PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.18 PassengerRuby /usr/bin/ruby <Proxy balancer://puppet_ca> BalancerMember http://puppet-master1.test.net:8140 </Proxy> ProxyPassMatch ^(/.*?)/(certificate.*?)/(.*)$ balancer://puppet_ca/ ProxyPassReverse ^(/.*?)/(certificate.*?)/(.*)$ balancer://puppet_ca/ Listen 8140 <VirtualHost *:8140> SSLEngine on SSLProtocol -ALL +SSLv3 +T...

I''m having difficulty getting my head around some CA issues My client has: [puppetd] ca_server=puppetca.mydomain.com and puppet resolves to a different machine. when puppet connects, it requests a signature from puppetca.mydomain.combut then on the next pass fails with the following: err: Could not retrieve catalog: Certificates were not trusted: SSL_connect returned=1 errno=0

...rom s: nested asn1 error Clearly an SSL issue but not something I know a great deal about. loadbalancer.conf # Puppet Load Balancing Thing <Proxy balancer://puppetmaster> BalancerMember http://puppetmst1:18140 BalancerMember http://puppetmst2:18140 </Proxy> <Proxy balancer://puppet_ca> # Only one member BalancerMember http://cahost1:18140 # Hot Standby if the primary is offline BalancerMember http://cahost2:18140 status=+H </Proxy> Listen 8140 <VirtualHost *:8140> ServerName loadbalancer SSLEngine on # SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA S...