similar to: certificate verify failed

Hi, I have a puppet master and agent installed. I want to generate and configure master-agent certificate and followed the steps: Master: ========== 1. Cleaned up all certificate on Master: [root@puppet-server manifests]# puppet cert sign --all No waiting certificate requests to sign [root@puppet-server manifests]# puppet cert clean --all notice: Revoked

Hi, I have setup puppet (2.7.5) on 2 different machines on ec2. Puppet master config 1. Ruby - 1.9.3 2. OS - Amazon linux image 3. runs from root user Puppet agent config 1. Ruby - 1.9.3 2. OS - centos 3. runs from root user When i run the agent, it throws an error "unknown ca" (can been seen in tcpdump/server logs) and closes the SSL connection immediately. I tried following things

Hello, I am trying to configure a new puppet server on Debian Squeeze, so the server version will be 2.6.2-4. I am trying to configure a client running Lenny, the puppet version is 0.25.4-2 I declare the new client with the command : #puppetd --server puppet.domain.tld --waitforcert 60 --test on the server : #puppetca --sign client.domain.tld When the client finish to execute the first

I''m having difficulty getting my head around some CA issues My client has: [puppetd] ca_server=puppetca.mydomain.com and puppet resolves to a different machine. when puppet connects, it requests a signature from puppetca.mydomain.combut then on the next pass fails with the following: err: Could not retrieve catalog: Certificates were not trusted: SSL_connect returned=1 errno=0

I have a puppet master on Centos 6.3 connected and working properly with other Centos 6.3 agent. I installed puppet agent via gems on a RED HAT 4 node. This is what happens when I try to sign certificate for the new node: AGENT [root@FP2 ~]$ puppet agent -t Info: Creating a new SSL key for fp2 Info: Caching certificate for ca Info: Creating a new SSL certificate request for fp2 Info:

I have a problem I can''t figure out. I was having cert problems with a host - it seemed to have multiple host names (mot likely from dns changes in the past) and all the certs were valid. Although it was giving an error about a cert I could not identify. So I tried: puppetca --revoke hostname puppetca --clean hostname restart puppetmaster puppetca --list --all (host does not show up -

Just installed Puppet 2.6.4 on Ubuntu 10.10 I was trying to restart the puppet agent but got the following error and the agent didn''t run: $ sudo puppetd --server server.domain.com --waitforcert 60 --test err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed warning: Not using cache on failed

Hello readers, I have this little issue that my puppet client refuses to do anything because of SSL validation errors. Maybe I''ll just post dump of what happens, that makes it clear I hope. Does anyone have a suggestion why that might happen? what I already checked: On the master: - Puppet and puppetmaster is running - Something is listening on Port 8140 (although I cannot

Just installed the puppet master server in and the client just installed the puppet I managed to sign the certificates root@Puppetmaster:/etc/puppet# puppet cert --list --all + "puppetclient" (96:9A:C3:8D:B6:72:A4:5F:01:AA:40:A9:95:3E:FB:D2) + "puppetmaster" (12:92:DF:EB:72:E5:DF:99:D8:22:CA:5F:22:3A:1D:61) at the time I create the file site.pp in / etc / puppet / manifests

Hi! I''ve installed puppetmaster 2.7.13 on a server with CentOS 6.2 with a rpm supplied by yum.puppetlabs.com. I''ve setup a apache2 vhost with mod_ssl and passenger. The server is configured to autosign the cert requests. The agent installed on the puppetmaster''s server works fine. I''ve a second agent on a server which can sync with the server too. This

I testing Puppet 0.19.3. If we decide to use it, we''d deploy it across several thousand hosts. The method described for creating client certificates described in the documentation - running "puppetd --server <server> --waitforcert 60 --test" and "puppetca --sign <client>" - is not practical for our installation. I''ve tried creating

Hi Dears, I am installing the puppetmaster server and puppet client is running in the same machine. When i running : puppet agent --test --waitforcert 30 I received the error : Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources using ''eval_generate'': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed:

Hello, I randomly errors like this: Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (err): Could not retrieve catalog from remote server: end of file reached Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (notice): Using cached catalog Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (err): Could not retrieve catalog; skipping run Here are the versions: puppetmaster

Hi, I''m using puppet on EC2 to setup my VMs with the following configuration: # puppetd --version 0.25.5 # uname -a Linux hostname.domain 2.6.16-xenU #1 SMP Mon May 28 03:41:49 SAST 2007 i686 i686 i386 GNU/Linux But I keep facing some timeout from puppetd: warning: peer certificate won''t be verified in this SSL session Exiting; failed to retrieve certificate and waitforcert

Hi, I would like to use Puppet in the cloud (think gogrid) to configure stem images. Virtual machines are created/destroyed on the fly under control of a load monitor. For this reason we cannot sign manually new Puppet clients, instead, we must use Puppet''s autosign feature. At the moment, Puppet just permits to filter client manifest requests with some regex over the hostname of the

Hello a newbie here. The situation is that: 2 machine one master one client Puppet 0.24.5 This my configuration: Client: /etc/puppet/puppetd.conf [puppetd] server = Asus-Vista-Box logdir = /var/log/puppet vardir = /var/lib/puppet rundir = /var/run master /etc/puppet/manifests/classes/sudo.pp class sudo { file { "/etc/sudoers": owner => "root",

Hello, I try to install puppet on freebsd 6.X. All is well but i cannot get the certificte to install and be recognized. I run .19.3. I run the puppetd --test --waitforcert 60 then sign and then i got: err: No certificate; running with reduced functionality. info: Creating a new SSL key at /usr/local/.aqadmin/puppet/conf/ssl/private_keys/xxxxxxxxxxxxxx.pem info: Creating a new certificate

hello, I''ve just added a new client to an existing configuration but cannot get it recognised. Both client and server are running 0.24.5, installed on gentoo linux using portage. This is what I dis: Server: /etc/init.d/puppetmaster start * Starting puppetmaster ... [ ok ] Client: puppetd --test warning: peer certificate won''t be verified in this SSL session notice: Did not

Hi, I am trying to bootstrap a new agent from my master node as below. puppet node_aws bootstrap \ --region us-east-1 \ --image ami-cc5af9a5 \ --login root \ --keyfile /root/.ssh/private.pem \ --install-script=puppet-enterprise \ --installer-payload=/usr/local/puppet/puppet-2.7.0.tar.gz \ --installer-answers=/usr/local/puppet/agent.txt \ --keyname icos-client \ --type t1.micro Node is created

Hello there, I have a problem while I''m trying to puppetize a client, I get this error: err: Could not request certificate: Certificate retrieval failed: Certificate request does not match existing certificate; run ''puppetca --clean puppetclienttest.sl.ss''. I checked -Shutdown puppet on client/server side, delete ssl/ dir to regenerate certificate. -Be sure that the