Displaying 20 results from an estimated 7000 matches similar to: "Using Puppet via a proxy."
2011 Mar 15
1
error SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A
Hello folks,
I am getting this error on one of the clients, here''s all of the
output. It was working on this client and today it stopped working. I
cleaned the cert for this client puppetmaster by "puppetca --clean
host.domain.com" and I removed the "/var/lib/puppet/ssl" directory so
it would get new certs. But I still keep getting the same error as
below. I have other
2008 Aug 29
3
Could not call puppetca.getcert: #<Errno::EHOSTUNREACH: No route to host
Hi all puppet-Users,
i try to get my first puppet installation up and running.
(puppet-0.24.5, ruby-1.8.5)
everything works as expected witch puppetmasterd + puppetd on the same
machine.
but i''ve problems connecting to the puppet-server from any client
host.
all i get is the error
------------
debug: Calling puppetca.getcert
err: Could not call puppetca.getcert:
2009 Feb 12
2
"Could not find server puppet" - installation/configuration error
Started the discussion in puppet users mailing list based on
recommendation from luke. This discussion is to a follow up regarding
bug#1955 "Could not find server puppet" - installation/configuration
error".
jamtur01''s last recommendation:
Rather than renaming things try the certname option (see
http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference).
But
2007 Apr 09
8
cert problem with client
I recently had a working puppet server serving around 4-5 clients. One of
the clients needed to be re-built and now only that client cannot connect.
puppetca --clean hostname did not work
So here is what I did on both the server/client I removed /var/lib/puppet/*
Then I restarted the server via
puppetmasterd --mkusers --verbose
I then connect in via the client with
/usr/bin/ruby
2008 Apr 25
4
Certificate retrieval failed: Connection reset by peer
Hi.
When registering a new client with the puppetmaster I get the
following error:
[root@host ~]# puppetd --server puppetmaster --waitforcert 50 --test
info: Creating a new certificate request for host
info: Creating a new SSL key at /var/lib/puppet/ssl/private_keys/
host.pem
warning: peer certificate won''t be verified in this SSL session
err: Could not call puppetca.getcert:
2008 May 27
12
Puppetting the puppetmaster problems
Hi,
installing puppet at my first site was quite easy (not w/o problems,
but still). At the second site, I''ve run into something more serious.
First things first - I install puppetmaster on existing server, used
to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to
coexist on the same machine). The thing is, I need to puppet this
baby, so I''m running into a
2006 Oct 18
19
Creating client certificates
I testing Puppet 0.19.3. If we decide to use it, we''d deploy it
across several thousand hosts. The method described for creating
client certificates described in the documentation - running
"puppetd --server <server> --waitforcert 60 --test" and "puppetca
--sign <client>" - is not practical for our installation. I''ve
tried creating
2011 Jan 10
1
Could not call puppetca.getcert HTTP-error: 500
Hello,
Puppet client is receiving the 500 error when trying to talk to the
puppetmaster server.
Apache error log on the server shows ->
Could not prepare for execution: Got 1 failure(s) while initializing:
change from absent to file failed: Could not set ''file on ensure:
Permission denied - /var/lib/puppet/log/masterhttp.log
Permissions on this file are open and the file is owned
2011 Mar 24
3
err: Could not retrieve catalog from remote server: certificate verify failed
So set up new node, ran on the client
puppetd --server puppetmaster --waitforcert 60 --test
on the puppetmaster itself I ran
puppetca --list
saw the hostname
and then ran:
puppetca --sign hostname.domain.com
and on the puppet node itself I went back and ran puppetd -tv
and get the following error:
err: Could not retrieve catalog from remote server: certificate verify failed
warning: Not
2008 Nov 19
2
Could not request certificate: Certificate does not match private key
hello,
I''ve just added a new client to an existing configuration but cannot
get it recognised. Both client and server are running 0.24.5,
installed on gentoo linux using portage.
This is what I dis:
Server:
/etc/init.d/puppetmaster start
* Starting
puppetmaster ...
[ ok ]
Client:
puppetd --test
warning: peer certificate won''t be verified in this SSL session
notice: Did not
2016 Feb 04
0
Squid as interception HTTPS proxy under CentOS 7
check out sslbump documentation:
http://wiki.squid-cache.org/Features/SslBump
--
Eero
2016-02-04 15:24 GMT+02:00 C. L. Martinez <carlopmart at gmail.com>:
> Hi all,
>
> I am trying to configure squid as a interception HTTPS proxy under CentOS
> 7. At every https request, I am receiving a certificate error.
>
> My current config for squid is:
>
> # My localnet
2011 Jul 08
2
Puppetmaster setup with separate CA server configuration help
Hi All,
I am setting up puppetmaster with nginx and passenger and separating
the Puppetmaster primary CA server. I have 3 host
loadbalancer01 - Nginx doing LB on IP address and also running
puppetmaster with passenger under 127.0.0.1 (port 8140).
primaryca - Puppetmaster Primary CA
pclient - Puppet Client
The did the following steps:
On Primary CA server:
----------------------------
cd
2016 Feb 04
0
Squid as interception HTTPS proxy under CentOS 7
On 04/02/2016 13:24, C. L. Martinez wrote:
> Hi all,
>
> I am trying to configure squid as a interception HTTPS proxy under CentOS 7. At every https request, I am receiving a certificate error.
>
> My current config for squid is:
>
> # My localnet
> acl localnet src 172.22.55.0/28
> acl localnet src 172.22.58.0/29
>
> acl SSL_ports port 443
> acl Safe_ports
2013 Aug 22
1
ssl ofloading on amazon ELB for puppetmasters
Hi,
I''m trying to do ssl offload on amazon ELB for my puppetmaster servers, it
seems amazon ELB is not sending ssl_client_header & client_verify_header
puppetmaster
Listen 8141
<VirtualHost *:8141>
SSLEngine off
DocumentRoot /etc/puppet/rack/puppetmaster_8141/public/
RackBaseURI /
<Directory /etc/puppet/rack/puppetmaster_8141/>
PassengerEnabled on
2013 Jan 22
7
New user learning puppet and getting error> getaddrinfo: Name or service not known
Hello everyone,
I''m a new user regarding puppet but I''m skilled with linux. I have setup a
puppetmaster server and also have a puppet client for testing on a
different box.
/etc/sysconfig/puppet has been edited to reach puppetmaster with
option PUPPET_SERVER=puppet.mydomain.cr (I''m in Costa Rica)
On the puppetmaster I was able to see the client with puppetca
2007 Apr 05
1
signing certs
I noticed a behaviour which is kind of confusing. I have the puppetmasterd
running. Now I want a new client to connect. I edit the site.pp and add
the client. When the client is started I can see it with puppetca --list.
So I sign the client. When it next tries to connect it shows:
notice: Allowing ::ffff:192.168.x.y(::ffff:192.168.x.y) untrusted access
to CA methods
notice: Host
2012 Jan 21
1
squid transparent proxy problem
Greetings,
I installed a squid 3.1.10.i686 squid to a centos 6.2i686. The proxy is
working fine with the default config.
After I decided to use it as a transparent proxy, I added two lines to
config: http_proxy 10.0.5.1:3128 transparent, always_direct allow all
http_port 10.0.5.1:3128 transparent
#
# Recommended minimum configuration:
#
acl manager proto cache_object
#acl localhost src
2007 Jun 20
4
puppetmaster through HTTP proxy
I have a test area network that is not routed to the production network
because of IP address space re-use between the two networks. I would
like the puppetmaster to serve both the production and test area
networks. The puppetmaster is on the production network. I understand
the puppet to puppetmaster connect to be HTTP using SSL.
Can I somehow setup the puppet clients to use an HTTP
2009 Nov 13
2
Multihomed puppet-server Multidomain SSL Problem
Hello List,
I have a problem with the CA on my Puppetmaster. This Puppetmaster is
connected to different Networks with different sub domainnames. The Puppet
clients connecting via different Interfaces. There is no routing between
subnets. Only one subnet can connect successfully. This is because the
subject in the Certificate is the name of this subnet. All other clients get:
Could not
2006 Dec 19
2
Automating client setups
Is there a Best Practices method for doing this? :)
I''m trying to configure clients by ssh''ing to them from the
puppetmaster. My steps are:
ssh $host ''svccfg import ...''
sleep
puppetca --sign $host
scp namespaceauth.conf $host
ssh $host ''svcadm restart puppet''
The problem is that I''d like to stop and log an error if the cert
signing