similar to: Using Puppet via a proxy.

Displaying 20 results from an estimated 7000 matches similar to: "Using Puppet via a proxy."

2011 Mar 15
1
error SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A
Hello folks, I am getting this error on one of the clients, here''s all of the output. It was working on this client and today it stopped working. I cleaned the cert for this client puppetmaster by "puppetca --clean host.domain.com" and I removed the "/var/lib/puppet/ssl" directory so it would get new certs. But I still keep getting the same error as below. I have other
2008 Aug 29
3
Could not call puppetca.getcert: #<Errno::EHOSTUNREACH: No route to host
Hi all puppet-Users, i try to get my first puppet installation up and running. (puppet-0.24.5, ruby-1.8.5) everything works as expected witch puppetmasterd + puppetd on the same machine. but i''ve problems connecting to the puppet-server from any client host. all i get is the error ------------ debug: Calling puppetca.getcert err: Could not call puppetca.getcert:
2009 Feb 12
2
"Could not find server puppet" - installation/configuration error
Started the discussion in puppet users mailing list based on recommendation from luke. This discussion is to a follow up regarding bug#1955 "Could not find server puppet" - installation/configuration error". jamtur01''s last recommendation: Rather than renaming things try the certname option (see http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference). But
2007 Apr 09
8
cert problem with client
I recently had a working puppet server serving around 4-5 clients. One of the clients needed to be re-built and now only that client cannot connect. puppetca --clean hostname did not work So here is what I did on both the server/client I removed /var/lib/puppet/* Then I restarted the server via puppetmasterd --mkusers --verbose I then connect in via the client with /usr/bin/ruby
2008 Apr 25
4
Certificate retrieval failed: Connection reset by peer
Hi. When registering a new client with the puppetmaster I get the following error: [root@host ~]# puppetd --server puppetmaster --waitforcert 50 --test info: Creating a new certificate request for host info: Creating a new SSL key at /var/lib/puppet/ssl/private_keys/ host.pem warning: peer certificate won''t be verified in this SSL session err: Could not call puppetca.getcert:
2008 May 27
12
Puppetting the puppetmaster problems
Hi, installing puppet at my first site was quite easy (not w/o problems, but still). At the second site, I''ve run into something more serious. First things first - I install puppetmaster on existing server, used to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to coexist on the same machine). The thing is, I need to puppet this baby, so I''m running into a
2006 Oct 18
19
Creating client certificates
I testing Puppet 0.19.3. If we decide to use it, we''d deploy it across several thousand hosts. The method described for creating client certificates described in the documentation - running "puppetd --server <server> --waitforcert 60 --test" and "puppetca --sign <client>" - is not practical for our installation. I''ve tried creating
2011 Jan 10
1
Could not call puppetca.getcert HTTP-error: 500
Hello, Puppet client is receiving the 500 error when trying to talk to the puppetmaster server. Apache error log on the server shows -> Could not prepare for execution: Got 1 failure(s) while initializing: change from absent to file failed: Could not set ''file on ensure: Permission denied - /var/lib/puppet/log/masterhttp.log Permissions on this file are open and the file is owned
2011 Mar 24
3
err: Could not retrieve catalog from remote server: certificate verify failed
So set up new node, ran on the client puppetd --server puppetmaster --waitforcert 60 --test on the puppetmaster itself I ran puppetca --list saw the hostname and then ran: puppetca --sign hostname.domain.com and on the puppet node itself I went back and ran puppetd -tv and get the following error: err: Could not retrieve catalog from remote server: certificate verify failed warning: Not
2008 Nov 19
2
Could not request certificate: Certificate does not match private key
hello, I''ve just added a new client to an existing configuration but cannot get it recognised. Both client and server are running 0.24.5, installed on gentoo linux using portage. This is what I dis: Server: /etc/init.d/puppetmaster start * Starting puppetmaster ... [ ok ] Client: puppetd --test warning: peer certificate won''t be verified in this SSL session notice: Did not
2016 Feb 04
0
Squid as interception HTTPS proxy under CentOS 7
check out sslbump documentation: http://wiki.squid-cache.org/Features/SslBump -- Eero 2016-02-04 15:24 GMT+02:00 C. L. Martinez <carlopmart at gmail.com>: > Hi all, > > I am trying to configure squid as a interception HTTPS proxy under CentOS > 7. At every https request, I am receiving a certificate error. > > My current config for squid is: > > # My localnet
2011 Jul 08
2
Puppetmaster setup with separate CA server configuration help
Hi All, I am setting up puppetmaster with nginx and passenger and separating the Puppetmaster primary CA server. I have 3 host loadbalancer01 - Nginx doing LB on IP address and also running puppetmaster with passenger under 127.0.0.1 (port 8140). primaryca - Puppetmaster Primary CA pclient - Puppet Client The did the following steps: On Primary CA server: ---------------------------- cd
2016 Feb 04
0
Squid as interception HTTPS proxy under CentOS 7
On 04/02/2016 13:24, C. L. Martinez wrote: > Hi all, > > I am trying to configure squid as a interception HTTPS proxy under CentOS 7. At every https request, I am receiving a certificate error. > > My current config for squid is: > > # My localnet > acl localnet src 172.22.55.0/28 > acl localnet src 172.22.58.0/29 > > acl SSL_ports port 443 > acl Safe_ports
2013 Aug 22
1
ssl ofloading on amazon ELB for puppetmasters
Hi, I''m trying to do ssl offload on amazon ELB for my puppetmaster servers, it seems amazon ELB is not sending ssl_client_header & client_verify_header puppetmaster Listen 8141 <VirtualHost *:8141> SSLEngine off DocumentRoot /etc/puppet/rack/puppetmaster_8141/public/ RackBaseURI / <Directory /etc/puppet/rack/puppetmaster_8141/> PassengerEnabled on
2013 Jan 22
7
New user learning puppet and getting error> getaddrinfo: Name or service not known
Hello everyone, I''m a new user regarding puppet but I''m skilled with linux. I have setup a puppetmaster server and also have a puppet client for testing on a different box. /etc/sysconfig/puppet has been edited to reach puppetmaster with option PUPPET_SERVER=puppet.mydomain.cr (I''m in Costa Rica) On the puppetmaster I was able to see the client with puppetca
2007 Apr 05
1
signing certs
I noticed a behaviour which is kind of confusing. I have the puppetmasterd running. Now I want a new client to connect. I edit the site.pp and add the client. When the client is started I can see it with puppetca --list. So I sign the client. When it next tries to connect it shows: notice: Allowing ::ffff:192.168.x.y(::ffff:192.168.x.y) untrusted access to CA methods notice: Host
2012 Jan 21
1
squid transparent proxy problem
Greetings, I installed a squid 3.1.10.i686 squid to a centos 6.2i686. The proxy is working fine with the default config. After I decided to use it as a transparent proxy, I added two lines to config: http_proxy 10.0.5.1:3128 transparent, always_direct allow all http_port 10.0.5.1:3128 transparent # # Recommended minimum configuration: # acl manager proto cache_object #acl localhost src
2007 Jun 20
4
puppetmaster through HTTP proxy
I have a test area network that is not routed to the production network because of IP address space re-use between the two networks. I would like the puppetmaster to serve both the production and test area networks. The puppetmaster is on the production network. I understand the puppet to puppetmaster connect to be HTTP using SSL. Can I somehow setup the puppet clients to use an HTTP
2009 Nov 13
2
Multihomed puppet-server Multidomain SSL Problem
Hello List, I have a problem with the CA on my Puppetmaster. This Puppetmaster is connected to different Networks with different sub domainnames. The Puppet clients connecting via different Interfaces. There is no routing between subnets. Only one subnet can connect successfully. This is because the subject in the Certificate is the name of this subnet. All other clients get: Could not
2006 Dec 19
2
Automating client setups
Is there a Best Practices method for doing this? :) I''m trying to configure clients by ssh''ing to them from the puppetmaster. My steps are: ssh $host ''svccfg import ...'' sleep puppetca --sign $host scp namespaceauth.conf $host ssh $host ''svcadm restart puppet'' The problem is that I''d like to stop and log an error if the cert signing