Displaying 20 results from an estimated 20000 matches similar to: "certificate verify failed"
2012 Aug 28
8
Unable to generate certificate on Puppet Agent through Master
Hi,
I have a puppet master and agent installed. I want to generate and
configure master-agent certificate and followed the steps:
Master:
==========
1. Cleaned up all certificate on Master:
[root@puppet-server manifests]# puppet cert sign --all
No waiting certificate requests to sign
[root@puppet-server manifests]# puppet cert clean --all
notice: Revoked
2011 Oct 12
2
tlsv1 alert - unknown ca!
Hi,
I have setup puppet (2.7.5) on 2 different machines on ec2.
Puppet master config
1. Ruby - 1.9.3
2. OS - Amazon linux image
3. runs from root user
Puppet agent config
1. Ruby - 1.9.3
2. OS - centos
3. runs from root user
When i run the agent, it throws an error "unknown ca" (can been seen
in tcpdump/server logs) and closes the SSL connection immediately. I
tried following things
2011 Mar 10
2
Puppet Certificate verify failed
Hello,
I am trying to configure a new puppet server on Debian Squeeze, so the
server version will be 2.6.2-4.
I am trying to configure a client running Lenny, the puppet version is
0.25.4-2
I declare the new client with the command :
#puppetd --server puppet.domain.tld --waitforcert 60 --test
on the server :
#puppetca --sign client.domain.tld
When the client finish to execute the first
2008 Nov 10
12
CA_Server woes
I''m having difficulty getting my head around some CA issues
My client has:
[puppetd]
ca_server=puppetca.mydomain.com
and puppet resolves to a different machine.
when puppet connects, it requests a signature from
puppetca.mydomain.combut then on the next pass fails with the
following:
err: Could not retrieve catalog: Certificates were not trusted: SSL_connect
returned=1 errno=0
2013 Feb 11
27
Certificate verify fails without indications
I have a puppet master on Centos 6.3 connected and working properly with
other Centos 6.3 agent. I installed puppet agent via gems on a RED HAT 4
node. This is what happens when I try to sign certificate for the new node:
AGENT
[root@FP2 ~]$ puppet agent -t Info: Creating a new SSL key for fp2 Info:
Caching certificate for ca Info: Creating a new SSL certificate request for
fp2 Info:
2010 Apr 21
3
revoked host can't be re-added?
I have a problem I can''t figure out. I was having cert problems with a
host - it seemed to have multiple host names (mot likely from dns
changes in the past) and all the certs were valid. Although it was
giving an error about a cert I could not identify. So I tried:
puppetca --revoke hostname
puppetca --clean hostname
restart puppetmaster
puppetca --list --all
(host does not show up -
2011 Jan 13
5
Problem restarting the agent
Just installed Puppet 2.6.4 on Ubuntu 10.10
I was trying to restart the puppet agent but got the following error
and the agent didn''t run:
$ sudo puppetd --server server.domain.com --waitforcert 60 --test
err: Could not retrieve catalog from remote server: SSL_connect
returned=1 errno=0 state=SSLv3 read server certificate B: certificate
verify failed
warning: Not using cache on failed
2012 Aug 10
3
SSL issues - certificate verify failed
Hello readers,
I have this little issue that my puppet client refuses to do anything
because of SSL validation errors. Maybe I''ll just post dump of what
happens, that makes it clear I hope. Does anyone have a suggestion why that
might happen? what I already checked:
On the master:
- Puppet and puppetmaster is running
- Something is listening on Port 8140 (although I cannot
2013 Nov 28
1
puppet-users-br err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=unknown sta
Just installed the puppet master server in
and the client just installed the puppet
I managed to sign the certificates
root@Puppetmaster:/etc/puppet# puppet cert --list --all
+ "puppetclient" (96:9A:C3:8D:B6:72:A4:5F:01:AA:40:A9:95:3E:FB:D2)
+ "puppetmaster" (12:92:DF:EB:72:E5:DF:99:D8:22:CA:5F:22:3A:1D:61)
at the time I create the file site.pp in / etc / puppet / manifests
2012 Apr 22
2
centos 6.2 - puppet 2.7.13 - SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert protocol version
Hi!
I''ve installed puppetmaster 2.7.13 on a server with CentOS 6.2 with a rpm
supplied by yum.puppetlabs.com.
I''ve setup a apache2 vhost with mod_ssl and passenger. The server is
configured to autosign the cert requests.
The agent installed on the puppetmaster''s server works fine. I''ve a second
agent on a server which can sync with the server too. This
2006 Oct 18
19
Creating client certificates
I testing Puppet 0.19.3. If we decide to use it, we''d deploy it
across several thousand hosts. The method described for creating
client certificates described in the documentation - running
"puppetd --server <server> --waitforcert 60 --test" and "puppetca
--sign <client>" - is not practical for our installation. I''ve
tried creating
2013 Nov 06
1
PuppetMaster and Puppet Client in the same machine
Hi Dears,
I am installing the puppetmaster server and puppet client is running in the
same machine.
When i running : puppet agent --test --waitforcert 30
I received the error :
Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources
using ''eval_generate'': SSL_connect returned=1 errno=0 state=SSLv3 read
server certificate B: certificate verify failed:
2011 Jul 22
9
Random error in the recovery catalog
Hello,
I randomly errors like this:
Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (err): Could not
retrieve catalog from remote server: end of file reached
Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (notice): Using
cached catalog
Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (err): Could not
retrieve catalog; skipping run
Here are the versions:
puppetmaster
2011 Mar 11
6
failed to retrieve certificate on Amazon EC2
Hi,
I''m using puppet on EC2 to setup my VMs with the following configuration:
# puppetd --version
0.25.5
# uname -a
Linux hostname.domain 2.6.16-xenU #1 SMP Mon May 28 03:41:49 SAST 2007 i686
i686 i386 GNU/Linux
But I keep facing some timeout from puppetd:
warning: peer certificate won''t be verified in this SSL session
Exiting; failed to retrieve certificate and waitforcert
2010 Jan 28
2
How to execute an arbitrary script when a puppetclient ask for a manifest?
Hi,
I would like to use Puppet in the cloud (think gogrid) to configure
stem images.
Virtual machines are created/destroyed on the fly under control of a
load monitor.
For this reason we cannot sign manually new Puppet clients, instead,
we must use Puppet''s autosign feature.
At the moment, Puppet just permits to filter client manifest requests
with some regex over the hostname of the
2009 Oct 20
11
Stuck with puppet
Hello a newbie here.
The situation is that:
2 machine one master one client
Puppet 0.24.5
This my configuration:
Client:
/etc/puppet/puppetd.conf
[puppetd]
server = Asus-Vista-Box
logdir = /var/log/puppet
vardir = /var/lib/puppet
rundir = /var/run
master
/etc/puppet/manifests/classes/sudo.pp
class sudo {
file { "/etc/sudoers":
owner => "root",
2006 Nov 02
6
certificate not trusted
Hello,
I try to install puppet on freebsd 6.X. All is well but i cannot get
the certificte to install and be recognized. I run .19.3.
I run the puppetd --test --waitforcert 60
then sign
and then i got:
err: No certificate; running with reduced functionality.
info: Creating a new SSL key at
/usr/local/.aqadmin/puppet/conf/ssl/private_keys/xxxxxxxxxxxxxx.pem
info: Creating a new certificate
2008 Nov 19
2
Could not request certificate: Certificate does not match private key
hello,
I''ve just added a new client to an existing configuration but cannot
get it recognised. Both client and server are running 0.24.5,
installed on gentoo linux using portage.
This is what I dis:
Server:
/etc/init.d/puppetmaster start
* Starting
puppetmaster ...
[ ok ]
Client:
puppetd --test
warning: peer certificate won''t be verified in this SSL session
notice: Did not
2012 Dec 28
1
err: Signing certificate error: Could not render to pson: getaddrinfo: Name or service not known
Hi,
I am trying to bootstrap a new agent from my master node as below.
puppet node_aws bootstrap \
--region us-east-1 \
--image ami-cc5af9a5 \
--login root \
--keyfile /root/.ssh/private.pem \
--install-script=puppet-enterprise \
--installer-payload=/usr/local/puppet/puppet-2.7.0.tar.gz \
--installer-answers=/usr/local/puppet/agent.txt \
--keyname icos-client \
--type t1.micro
Node is created
2011 Apr 18
4
Certificate request does not match existing certificate
Hello there,
I have a problem while I''m trying to puppetize a client, I get this
error:
err: Could not request certificate: Certificate retrieval failed:
Certificate request does not match existing certificate; run ''puppetca
--clean puppetclienttest.sl.ss''.
I checked
-Shutdown puppet on client/server side, delete ssl/ dir to regenerate
certificate.
-Be sure that the