similar to: Certificate validation failing

Hi all I''m trying to set up a separate puppet master and client on EC2. I''ve used two instances of CentOS5.4 with nothing other than the base install and have installed puppet via the ruby gems. Puppet is at 2.6.4 on both machines. I''ve been following the guide to get a basic configuration working (http://docs.puppetlabs.com/guides/configuring.html) with a little tweak

hello, I''ve just added a new client to an existing configuration but cannot get it recognised. Both client and server are running 0.24.5, installed on gentoo linux using portage. This is what I dis: Server: /etc/init.d/puppetmaster start * Starting puppetmaster ... [ ok ] Client: puppetd --test warning: peer certificate won''t be verified in this SSL session notice: Did not

Hi, I''m using puppet on EC2 to setup my VMs with the following configuration: # puppetd --version 0.25.5 # uname -a Linux hostname.domain 2.6.16-xenU #1 SMP Mon May 28 03:41:49 SAST 2007 i686 i686 i386 GNU/Linux But I keep facing some timeout from puppetd: warning: peer certificate won''t be verified in this SSL session Exiting; failed to retrieve certificate and waitforcert

Hi, I am using the cloud provisioner to bootstrap some ec2 nodes, and these clients are signed using a randomly generated certname, which is put in /etc/puppet.conf at the bootstrap time (eg certname = d7bcd693-73fd-495f-0876-ff91ea11111e). But my puppet code repo also manages the puppet.conf file, so the file will be overwritten on the client at the first puppet run. Nevertheless, i should not

Hello readers, I have this little issue that my puppet client refuses to do anything because of SSL validation errors. Maybe I''ll just post dump of what happens, that makes it clear I hope. Does anyone have a suggestion why that might happen? what I already checked: On the master: - Puppet and puppetmaster is running - Something is listening on Port 8140 (although I cannot

Started the discussion in puppet users mailing list based on recommendation from luke. This discussion is to a follow up regarding bug#1955 "Could not find server puppet" - installation/configuration error". jamtur01''s last recommendation: Rather than renaming things try the certname option (see http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference). But

A quick overview of our setup: We have an EBS-backed puppet master instance with an Elastic IP, and a number of puppet agent AMI images in various regions. When these AMIs were created, they were authenticated with the puppet master using the following command: # puppet agent --certname=$(cat /etc/puppet/certname) --server puppet.ourdomain.net --waitforcert 30 --test ...and accepted on the

Hi all, When i try to boot an ec2 instance using: *puppet node_aws bootstrap --server myserverOnAWS.com --image ami-61ad0108 --keyname test-malcom --login ubuntu --type m1.small --keyfile test-malcom.pem -g puppets --verbose --debug --puppetagent-certname test* I get this error: *notice: Signing certificate ...* *debug: certificate_status supports formats: b64_zlib_yaml pson raw yaml; using

I''m setting up a dev / test environment using a couple of Ubuntu 12.04 VMs. I have puppet installed on one of them, and am trying to get it to sync against itself to get certain things in place to distribute with the nodes. However, I am having some issues. # puppet agent --test info: Creating a new SSL key for puppet-local-master err: Could not request certificate: getaddrinfo: Name

Hi, I have created an agent node from a master node using below command. puppet node_aws create --image ami-cc5af9a5 --keyname icos-client --type ti.micro Now as i am trying to install puppet on it using below command puppet node install \ --install-script=puppet- enterprise \ --installer-payload=/usr/local/puppet/puppet-2.7.0.tar.gz \ --installer-answers=/usr/local/puppet/agent.txt \

I am having SSL difficulties setting up a new puppet client: Client: fedora (rawhide) using 0.23.2 Server: centos 4.4 using 0.22.3 After initiating contact with puppetd --test --server=puppet.myclient.com, I see the CSR on the server. After signing it, and running puppet again, I get the signed certificate, but also see: err: Could not retrieve configuration: Certificates were not trusted:

Hello... I wanted to be able to startup an EC2 instance with one command and have a fully functioning server without having to shell into each new instance and configure the bits to allow puppet to finish the configuration. Here are some notes I came up with for bootstrapping an ec2 instance with puppet using Ubuntu 10.04. I left out a lot of things about creating and running custom AIM

I am banging my head against the wall for recently built hosts that are unable to verify the server''s certs. The usual is not working. on the puppet agent machine: find /var/lib/puppet/ssl -type f -delete on puppet master: puppetca --clean <new_host_cert> on agent: puppetd --server puppet --waitforcert 2 --no-daemonize -d -o on puppet master: puppetca --sign

Hi all, I''m trying to set up puppet 0.24.5 using the packages provided for Mandriva 2009.0. After installing the packages and starting the puppetmaster service for the first time, the relevant CA certificates and keys are generated automatically and placed in subdirectories of $ssldir. However, when I then run puppetd on the same machine thus: $ puppetd --server myhost.mydomain

Hello: I''m trying to put a puppet master on an EC2 instance, and have it be accessible to agentes using either its EC2 DNS name (e.g., ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com) or a friendlier alias (e.g., puppet.example.com). My /etc/puppet/puppet.conf looks like: [master] certname=ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com

1. I get the following error when I run “puppet device’ err: Could not request certificate: Could not write /var/opt/lib/pe-puppet/devices/certname/ssl/private_keys/certname.pem to privatekeydir: Permission denied - /var/opt/lib/pe-puppet/devices/certname/ssl/private_keys/certname.pem Any thought? Thanks, -- You received this message because you are subscribed to the Google Groups

How can I pre-sign a server which doesn''t yet have a domain pointing to it? I''m trying to get an EC2 "base image" together which is pre-signed with our master, so I can spin-up as many instances as required. These instances which will all share the same characteristics and files (they''re basically dupes), and will all sit behind a load-balancer, so

Hi, I am trying to bootstrap a new agent from my master node as below. puppet node_aws bootstrap \ --region us-east-1 \ --image ami-cc5af9a5 \ --login root \ --keyfile /root/.ssh/private.pem \ --install-script=puppet-enterprise \ --installer-payload=/usr/local/puppet/puppet-2.7.0.tar.gz \ --installer-answers=/usr/local/puppet/agent.txt \ --keyname icos-client \ --type t1.micro Node is created

Hi All, I have spent couple of days trying to work-out this problem with not luck. I am working on a Linux Fedora 14. I ssh from the server to the client using teh IP with no problem. Client: # puppetd --server puppet --waitforcert 60 --test --verbose info: Creating a new SSL key for bar03 warning: peer certificate won''t be verified in this SSL session warning: peer certificate

Is is possible to have a puppetmaster that is a client of a different puppetmaster? We manage our customers'' server via puppet, but one customer has a puppetmaster server which looks after their internal systems. We''ve tried the following in /etc/puppet/puppet.conf ("customer" and "us" replacing the domain names) on their puppetmaster: [puppetmasterd]