Displaying 20 results from an estimated 2000 matches similar to: "problems with puppetmaster using intermediate CA cert"
2013 Oct 18
1
'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert unknown ca
Hi, ppl
I dont know what to do.
I configure a new client do sync with my server. the server accept de
client_cert without errors and then when i run the "puppet agent -t" agaion
i got this error output
info: Retrieving plugin
err: /File[/var/lib/puppet/lib]: Failed to generate additional resources
using ''eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read
server
2009 Sep 08
7
Puppetmaster be client of another puppetmaster?
Is is possible to have a puppetmaster that is a client of a different
puppetmaster? We manage our customers'' server via puppet, but one customer
has a puppetmaster server which looks after their internal systems. We''ve
tried the following in /etc/puppet/puppet.conf ("customer" and "us"
replacing the domain names) on their puppetmaster:
[puppetmasterd]
2011 Apr 06
4
SSL issues: Separate CA, multiple load balanced masters
Hi,
I''ve been at it for about 4 days now and I just can''t figure it out.
I''m getting the following error when running puppet agent on my
masters: SSL_connect returned=1 errno=0 state=SSLv3 read server
certificate B: certificate verify failed
At startup, I''m running ntpdate (I''ve read in a lot of places that
this error occurs when date between servers
2010 May 05
12
puppet for switches
This might be a crazy idea, but it just popped into my head, and I
wanted to know if it''s possible. Perhaps not possible right now, but
possible in a theoretical sense.
Is it possible that puppet could be modified to be used to manage
switches that have a command line based interface?
When I manage our Allied Telesis switches (which have a CLI similar to
cisco IOS) I wonder if I could
2013 Apr 19
1
ldbsearch/kerberos issue
Samba 4.0.5, Debian 6.0
I can successfully perform an ldbsearch on the Samba ldb by specifying
the -U parameter:
geoffc at test-dc03: ~ $ /usr/local/samba/bin/ldbsearch -H
ldap://localhost -U geoffc 'CN=IT' objectClass
Password for [STAFF\geoffc]:
# record 1
dn: CN=IT,CN=Users,DC=testad2,DC=trinity,DC=unimelb,DC=edu,DC=au
objectClass: top
objectClass:
2012 Aug 10
3
SSL issues - certificate verify failed
Hello readers,
I have this little issue that my puppet client refuses to do anything
because of SSL validation errors. Maybe I''ll just post dump of what
happens, that makes it clear I hope. Does anyone have a suggestion why that
might happen? what I already checked:
On the master:
- Puppet and puppetmaster is running
- Something is listening on Port 8140 (although I cannot
2012 Jun 08
2
certname=hostname SSL errors
Hi all,
I ran into the following problem:
Until now, i used fqdn as certname (i.e. had no certname defined in
puppet.conf, so defaults applied) and everything worked fine. However,
I wanted to use tthe short hostname as certname, so I redeployed the
puppet.conf file, re-generated the certificates and signed them, and
removed the old certificates from the master.
Now I have the following status:
2013 Nov 06
1
PuppetMaster and Puppet Client in the same machine
Hi Dears,
I am installing the puppetmaster server and puppet client is running in the
same machine.
When i running : puppet agent --test --waitforcert 30
I received the error :
Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources
using ''eval_generate'': SSL_connect returned=1 errno=0 state=SSLv3 read
server certificate B: certificate verify failed:
2012 Jan 27
2
SSL Errors - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B
Hello, I''m new to puppet and am getting a puppet server setup with
puppet dashboard. I have the puppet server and puppet dashboard
(Apache/Passenger) setup and working well with 60+ test nodes working
as expected. Only problem is that I have this one error in the logs
which I can''t figure out.
Jan 26 17:09:41 ppt01 puppet-agent[27357]: Could not retrieve catalog
from remote
2011 Oct 12
2
tlsv1 alert - unknown ca!
Hi,
I have setup puppet (2.7.5) on 2 different machines on ec2.
Puppet master config
1. Ruby - 1.9.3
2. OS - Amazon linux image
3. runs from root user
Puppet agent config
1. Ruby - 1.9.3
2. OS - centos
3. runs from root user
When i run the agent, it throws an error "unknown ca" (can been seen
in tcpdump/server logs) and closes the SSL connection immediately. I
tried following things
2012 Aug 24
1
Getting issues while separating CA and master servers
I am trying to setup a different CA_server and master server.
I am following these links :
http://bodepd.com/wordpress/?p=7
http://docs.puppetlabs.com/guides/scaling_multiple_masters.html
Kindly help as am getting this error
info: Retrieving plugin
err: /File[/var/opt/lib/pe-puppet/lib]: Failed to generate additional
resources using ''eval_generate: SSL_connect returned=1
2013 Jun 12
4
certificate problem
When I try to connect to my new puppet master, I get an error because of
a self-signed certificate:
---snip---
# puppet agent --test --noop
Warning: Unable to fetch my node definition, but the agent run will
continue:
Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server
certificate B: certificate verify failed: [self signed certificate in
certificate chain for /CN=Puppet CA:
2009 Jun 24
1
puppetrun and certs - CA certdnsnames?
Hi,
I''m rolling out a new Puppet install and am having some problems with
certs. I''ve googled and read the docs but can''t find anything.
Almost all boxes on the network are dual-homed, with a primary network
(VLAN, /27 subnet) for public data and an admin/management network for
backups and other backend stuff. All hosts have a primary interface on
the main network (and
2013 Apr 15
2
python scripting samba
Can someone point me to some documentation on scripting samba user and
group management from python? I'd much rather not do this via calls out
to samba-tool, and if I could do this remotely (via LDAP like calls) I'd
be even happier.
Cheers,
Geoff
2011 Apr 03
2
Puppetmaster behind ssh with remote port forward
Hi Folks,
I''m trying to setup a test envoriment which is composed by a
puppetmaster running in my laptop (Macos Snow Leopard) and a puppet
client running on a EC2 instance at Amazon. In order to allow the
client to talk with the master I''m using an SSH Remote port forward,
ie I login into from the laptop into the EC2 instance witha "-R
8140:localhost:8140" flag.
This
2008 Apr 11
2
Fake FQDN for puppetmaster (and ca) in faked environment?
Hi there,
We have a fake environment in which we test software and config before
rolling it out to prod. Here, we have a fake puppetmasterd running,
serving the new config under test.
But we''re having trouble with certificates. It is possible to specify
via config what fqdn the puppet ca should use for itself? We need this
to be a different (faked) fqdn than the real name of the
2008 Nov 25
1
Some cert problem
Bunch of weird stuff after a power failure here this morning. One of my
virtual servers, managed through puppet, seems to not be talking to the
master any more. And I can''t get it to reconnect. I did puppetca --clean
on the master, cleaned off certs on the client, started puppetd manually
on the client, and got this:
sh-3.2# rm -rf /var/lib/puppet/ssl/
sh-3.2# puppetd --server
2007 Jul 03
3
pupped on the puppetmaster: cert problems
I''m getting certificate errors when I attempt to run puppetd on the
puppetmaster.
As near as I can tell, this is because I''m using the same puppet.conf
for both puppetd and puppetmasterd; but puppetmaster runs as user
"puppet" and puppetd runs as user "root", yet both expect the
certificates to be readable and chmod 600. I tried telling puppetd to
use
2010 Nov 25
1
can't use godaddy SSL cert
Hey list,
I was having a similar SSL/openLDAP problem to this last week. I had
a chance to look at this again today and it still appears to not be
working. I called godaddy and had the last cert cancelled and reissued
as I had mis-typed the name of the CN on the last one.
I am trying to setup a Godaddy turbo SSL certificate with an openLDAP
2.4 server under FreeBSD 8.1. The clients are mainly
2012 Jun 14
2
Puppetmaster and two IP addresses?
I have a problem with puppet on a machine which has public and private
IP address. My nodes are on private lan, and hostname of master is FQDN
of the public IP.
Client''s just cannot connect. Problem which I get is:
err: Could not retrieve catalog from remote server: SSL_connect
returned=1 errno=0 state=SSLv3 read server certificate B: certificate
verify failed
I''ve added