similar to: revoked host can't be re-added?

Hello I have a puppetmasterd installation running on a Mac OS X 10.6.3 Server with puppet installed via macports. Earlier today it was happily signing requests, before I upgraded puppet from 0.24.8 to 0.25.4. Now I get "Invalid argument": bash-3.2# puppetca --sign bouti.carbonplanet.com bouti.carbonplanet.com err: Could not call sign: Invalid argument The only mention I can find on

I am banging my head against the wall for recently built hosts that are unable to verify the server''s certs. The usual is not working. on the puppet agent machine: find /var/lib/puppet/ssl -type f -delete on puppet master: puppetca --clean <new_host_cert> on agent: puppetd --server puppet --waitforcert 2 --no-daemonize -d -o on puppet master: puppetca --sign

hello, I''ve just added a new client to an existing configuration but cannot get it recognised. Both client and server are running 0.24.5, installed on gentoo linux using portage. This is what I dis: Server: /etc/init.d/puppetmaster start * Starting puppetmaster ... [ ok ] Client: puppetd --test warning: peer certificate won''t be verified in this SSL session notice: Did not

Hi, I have a puppet master and agent installed. I want to generate and configure master-agent certificate and followed the steps: Master: ========== 1. Cleaned up all certificate on Master: [root@puppet-server manifests]# puppet cert sign --all No waiting certificate requests to sign [root@puppet-server manifests]# puppet cert clean --all notice: Revoked

So set up new node, ran on the client puppetd --server puppetmaster --waitforcert 60 --test on the puppetmaster itself I ran puppetca --list saw the hostname and then ran: puppetca --sign hostname.domain.com and on the puppet node itself I went back and ran puppetd -tv and get the following error: err: Could not retrieve catalog from remote server: certificate verify failed warning: Not

This is the first time is happening... and It happens consecutively with all the hosts. Fresh kickstarted host (never set up before the name so its not on the revocation list), I just run puppetd -tv (we have autosign on), I just get the output below: [root@server182 puppet]# puppetd -tv info: Creating a new SSL key for server182.domain.com warning: peer certificate won''t be verified in

Hello there, I have a problem while I''m trying to puppetize a client, I get this error: err: Could not request certificate: Certificate retrieval failed: Certificate request does not match existing certificate; run ''puppetca --clean puppetclienttest.sl.ss''. I checked -Shutdown puppet on client/server side, delete ssl/ dir to regenerate certificate. -Be sure that the

I testing Puppet 0.19.3. If we decide to use it, we''d deploy it across several thousand hosts. The method described for creating client certificates described in the documentation - running "puppetd --server <server> --waitforcert 60 --test" and "puppetca --sign <client>" - is not practical for our installation. I''ve tried creating

Hi: I''m trying to configure Puppet on Ubuntu, and strangely I am never able to generate a certificate because my server never shows any pending certificate requests. Put differently, on the server I am running puppetmasterd and on the client I am able to connect to the server, but the client continues printing notice: Did not receive certificate warning: peer certificate

Hello, I try to install puppet on freebsd 6.X. All is well but i cannot get the certificte to install and be recognized. I run .19.3. I run the puppetd --test --waitforcert 60 then sign and then i got: err: No certificate; running with reduced functionality. info: Creating a new SSL key at /usr/local/.aqadmin/puppet/conf/ssl/private_keys/xxxxxxxxxxxxxx.pem info: Creating a new certificate

https://bugzilla.mindrot.org/show_bug.cgi?id=3659 Bug ID: 3659 Summary: Certificates are ignored when listing revoked items in a (binary) revocation list Product: Portable OpenSSH Version: 9.2p1 Hardware: All OS: All Status: NEW Severity: minor Priority: P5

Hi, I''m using puppet on EC2 to setup my VMs with the following configuration: # puppetd --version 0.25.5 # uname -a Linux hostname.domain 2.6.16-xenU #1 SMP Mon May 28 03:41:49 SAST 2007 i686 i686 i386 GNU/Linux But I keep facing some timeout from puppetd: warning: peer certificate won''t be verified in this SSL session Exiting; failed to retrieve certificate and waitforcert

Folks -- I am attempting to retrieve a new certificate on a Puppet client whose certificate was revoked on the Puppet master. The original certificate was revoked using the command: # puppet cert --revoke el5-puptest-2.localdomain I have deleted the /var/lib/puppet/ssl directory on the client, and issued the following command: # puppet agent --test --waitforcert=20 This produces the

Hi. When registering a new client with the puppetmaster I get the following error: [root@host ~]# puppetd --server puppetmaster --waitforcert 50 --test info: Creating a new certificate request for host info: Creating a new SSL key at /var/lib/puppet/ssl/private_keys/ host.pem warning: peer certificate won''t be verified in this SSL session err: Could not call puppetca.getcert:

Hello, I am trying to configure a new puppet server on Debian Squeeze, so the server version will be 2.6.2-4. I am trying to configure a client running Lenny, the puppet version is 0.25.4-2 I declare the new client with the command : #puppetd --server puppet.domain.tld --waitforcert 60 --test on the server : #puppetca --sign client.domain.tld When the client finish to execute the first

Hi Daminan! Hmmm... thought about a little... when i use -vvv with ssh-keygen -Qf i see "debug1:..." So i think, debug is compiled in. ssh-keygen --help gives me ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number] file ... so... option -z is not the serial of the certificate, it is the version-number of the KRL-File... My openssh-Verision from Debian is

I installed all required pkgs for Puppet & other configurations are done. I have issues getting certificates from server. vm1 is server & vm2 is client. In client I run, root@vm2# puppetd --server vm-devserver-18.dev.s.vonagenetworks.net -- waitforcert 60 --test and I see, /usr/lib/ruby/1.8/puppet/network/client/ca.rb:31:in `request_cert'': Certificate retrieval failed: Could

I recently had a working puppet server serving around 4-5 clients. One of the clients needed to be re-built and now only that client cannot connect. puppetca --clean hostname did not work So here is what I did on both the server/client I removed /var/lib/puppet/* Then I restarted the server via puppetmasterd --mkusers --verbose I then connect in via the client with /usr/bin/ruby

Started the discussion in puppet users mailing list based on recommendation from luke. This discussion is to a follow up regarding bug#1955 "Could not find server puppet" - installation/configuration error". jamtur01''s last recommendation: Rather than renaming things try the certname option (see http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference). But

Hi - I read up on this subject quite a bit, and was able to find a few posts on the mailing list, even found a wiki article. Unfortunately it doesn''t quite address what I''m looking to do. From what I understand, Puppet''s client/server authentication system - using SSL - is portable. I believe that I should be able to use the same SSL certificates and keys (and even