similar to: Creating client certificates

Hi all puppet-Users, i try to get my first puppet installation up and running. (puppet-0.24.5, ruby-1.8.5) everything works as expected witch puppetmasterd + puppetd on the same machine. but i''ve problems connecting to the puppet-server from any client host. all i get is the error ------------ debug: Calling puppetca.getcert err: Could not call puppetca.getcert:

Hi, installing puppet at my first site was quite easy (not w/o problems, but still). At the second site, I''ve run into something more serious. First things first - I install puppetmaster on existing server, used to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to coexist on the same machine). The thing is, I need to puppet this baby, so I''m running into a

Hi, I would like to use Puppet in the cloud (think gogrid) to configure stem images. Virtual machines are created/destroyed on the fly under control of a load monitor. For this reason we cannot sign manually new Puppet clients, instead, we must use Puppet''s autosign feature. At the moment, Puppet just permits to filter client manifest requests with some regex over the hostname of the

Hello folks, I am getting this error on one of the clients, here''s all of the output. It was working on this client and today it stopped working. I cleaned the cert for this client puppetmaster by "puppetca --clean host.domain.com" and I removed the "/var/lib/puppet/ssl" directory so it would get new certs. But I still keep getting the same error as below. I have other

I am looking into alternatives for the initial cert sign for new puppet clients. We will have non-sysadmins kickstarting new hosts, and I am trying to minimize the time they have to wait for a cert sign while maintaining at least a marginally sane level of security. My question is this: does the puppetmaster check that a new cert request for host A (csr with subject "cn=A.mydomain") is

Hi, I''m using puppet on EC2 to setup my VMs with the following configuration: # puppetd --version 0.25.5 # uname -a Linux hostname.domain 2.6.16-xenU #1 SMP Mon May 28 03:41:49 SAST 2007 i686 i686 i386 GNU/Linux But I keep facing some timeout from puppetd: warning: peer certificate won''t be verified in this SSL session Exiting; failed to retrieve certificate and waitforcert

Hey Folks, I''m looking at doing automated provisioning of new servers and am trying to integrate puppet into this process. What I''m wondering though is what the best process for securely registering a new node is. At the moment the first time puppet is run I have to then accept the certificate on the puppetmaster and then run puppet again. What I would like to do is accept the

I am trying to come up with a workable solution in managing numerous Mac workstations allowing a high degree of flexibility with regards to certs. My puppet environment is setup to application installation on machines that have been ''imaged'' with a base OS and the puppet and facter apps. So, when a Mac is ''imaged'' and subsequently re-booted, puppet is run at

Hi. When registering a new client with the puppetmaster I get the following error: [root@host ~]# puppetd --server puppetmaster --waitforcert 50 --test info: Creating a new certificate request for host info: Creating a new SSL key at /var/lib/puppet/ssl/private_keys/ host.pem warning: peer certificate won''t be verified in this SSL session err: Could not call puppetca.getcert:

Hi: I''m trying to configure Puppet on Ubuntu, and strangely I am never able to generate a certificate because my server never shows any pending certificate requests. Put differently, on the server I am running puppetmasterd and on the client I am able to connect to the server, but the client continues printing notice: Did not receive certificate warning: peer certificate

All, I have --confdir=/etc/puppet/common in my /etc/init.d/puppetmaster and /etc/init.d/puppet files, vardir set to /var/lib/puppet in /etc/puppet/common/puppet.conf, and yet, every time I run puppetca it creates /etc/puppet/ssl. Anyone know why? Doug. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email

Hi - I a ran puppetd -vt against a brand newly build host (which is what I normally do for a new host) and got the usual message: err: No certificate; running with reduced functionality. info: Creating a new certificate request for sega-dev-1. info: Requesting certificate On the puppetmaster, I then list the waiting host with: puppetca --list then sign the key. In this case, I decided that the

Hi, Just wondering if anyone had any similar issues OR idea''s on troubleshooting the following problem. I have a client/node registered to the puppet master and it is working without any issues. On the server I can see it compile the catalog in the logs. However when I run ''puppet cert --list --all'' it is not in the list. Note we use auto signing

Hi, I''ve setup the puppetmaster to start 5 processes each listening on a different port, with an Apache server in front. This works fine for existing clients, however when I try to add a new client (ie. a newly installed machine with no previous puppet configuration) I get this error: err: Could not request certificate: sslv3 alert handshake failure error Any ideas what''s

Hi! I''ve installed puppetmaster 2.7.13 on a server with CentOS 6.2 with a rpm supplied by yum.puppetlabs.com. I''ve setup a apache2 vhost with mod_ssl and passenger. The server is configured to autosign the cert requests. The agent installed on the puppetmaster''s server works fine. I''ve a second agent on a server which can sync with the server too. This

Hi all, I have a question concerning ActionWebService XMLRPC servers: Is it possible to send multicall requests to the Web service? I tried to use multicall and get the error message: no such method ''system.multicall'' on API [MyAPI] In Changeset 2021 there is the following commit message: add ''system.multicall'' support to XML-RPC. boxcarred methods must

Started the discussion in puppet users mailing list based on recommendation from luke. This discussion is to a follow up regarding bug#1955 "Could not find server puppet" - installation/configuration error". jamtur01''s last recommendation: Rather than renaming things try the certname option (see http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference). But

Hi All, I am setting up puppetmaster with nginx and passenger and separating the Puppetmaster primary CA server. I have 3 host loadbalancer01 - Nginx doing LB on IP address and also running puppetmaster with passenger under 127.0.0.1 (port 8140). primaryca - Puppetmaster Primary CA pclient - Puppet Client The did the following steps: On Primary CA server: ---------------------------- cd

I recently had a working puppet server serving around 4-5 clients. One of the clients needed to be re-built and now only that client cannot connect. puppetca --clean hostname did not work So here is what I did on both the server/client I removed /var/lib/puppet/* Then I restarted the server via puppetmasterd --mkusers --verbose I then connect in via the client with /usr/bin/ruby

Hi, after quite some time doing nothing with asterisk I downloaded the current cvs version. Building this on a SuSE 8.2 System with gcc 3.3 i ran into an unpleasant snag: pbx.c:581: warning: comparison between signed and unsigned pbx.c: In function `pbx_substitute_variables_temp': pbx.c:765: warning: comparison between signed and unsigned pbx.c:812: warning: comparison between signed