similar to: Certificate / Private Key Mismatch

I testing Puppet 0.19.3. If we decide to use it, we''d deploy it across several thousand hosts. The method described for creating client certificates described in the documentation - running "puppetd --server <server> --waitforcert 60 --test" and "puppetca --sign <client>" - is not practical for our installation. I''ve tried creating

hello, I''ve just added a new client to an existing configuration but cannot get it recognised. Both client and server are running 0.24.5, installed on gentoo linux using portage. This is what I dis: Server: /etc/init.d/puppetmaster start * Starting puppetmaster ... [ ok ] Client: puppetd --test warning: peer certificate won''t be verified in this SSL session notice: Did not

So set up new node, ran on the client puppetd --server puppetmaster --waitforcert 60 --test on the puppetmaster itself I ran puppetca --list saw the hostname and then ran: puppetca --sign hostname.domain.com and on the puppet node itself I went back and ran puppetd -tv and get the following error: err: Could not retrieve catalog from remote server: certificate verify failed warning: Not

Hi All, I have spent couple of days trying to work-out this problem with not luck. I am working on a Linux Fedora 14. I ssh from the server to the client using teh IP with no problem. Client: # puppetd --server puppet --waitforcert 60 --test --verbose info: Creating a new SSL key for bar03 warning: peer certificate won''t be verified in this SSL session warning: peer certificate

I''m having difficulty getting my head around some CA issues My client has: [puppetd] ca_server=puppetca.mydomain.com and puppet resolves to a different machine. when puppet connects, it requests a signature from puppetca.mydomain.combut then on the next pass fails with the following: err: Could not retrieve catalog: Certificates were not trusted: SSL_connect returned=1 errno=0

Hi - I a ran puppetd -vt against a brand newly build host (which is what I normally do for a new host) and got the usual message: err: No certificate; running with reduced functionality. info: Creating a new certificate request for sega-dev-1. info: Requesting certificate On the puppetmaster, I then list the waiting host with: puppetca --list then sign the key. In this case, I decided that the

Hello there, I have a problem while I''m trying to puppetize a client, I get this error: err: Could not request certificate: Certificate retrieval failed: Certificate request does not match existing certificate; run ''puppetca --clean puppetclienttest.sl.ss''. I checked -Shutdown puppet on client/server side, delete ssl/ dir to regenerate certificate. -Be sure that the

Hello everyone, I am new to puppet. I have installed on redhat Enterprise 5and seems to be working fine. Couple days ago I was testing some permissions on / etc folder and applied 600 /etc and sub folders. Although I have reverted the permission but I am having issues on puppetmaster. Currently I have these permission on etc 755 and puppet folder: my /etc folder is 755 and puppet folder with tese

I restarted puppetmasterd and it announced that the Cert does not match existing key ! [root@puppet ~]# puppetmasterd --verbose --no-daemonize info: Starting server for Puppet version 0.24.1 info: mount[files]: allowing 10.100.0.0/16 access info: mount[files]: allowing *.gridapp.com access info: mount[files]: allowing *.dev.gridapp.com access info: Retrieving existing certificate for

I''m running in circles with this issue... I accidentally did a ''puppetca --clean --all'' and lost all certificates. I was able to get the puppetmaster running and re-created certificates for the client system, but I get the following error: warning: peer certificate won''t be verified in this SSL session info: Caching certificate for w0f.lagged.com info:

Hi, I''m using puppet on EC2 to setup my VMs with the following configuration: # puppetd --version 0.25.5 # uname -a Linux hostname.domain 2.6.16-xenU #1 SMP Mon May 28 03:41:49 SAST 2007 i686 i686 i386 GNU/Linux But I keep facing some timeout from puppetd: warning: peer certificate won''t be verified in this SSL session Exiting; failed to retrieve certificate and waitforcert

Hi, installing puppet at my first site was quite easy (not w/o problems, but still). At the second site, I''ve run into something more serious. First things first - I install puppetmaster on existing server, used to keep LDAP db (my puppetmaster DOES NOT use LDAP, it just tries to coexist on the same machine). The thing is, I need to puppet this baby, so I''m running into a

I am banging my head against the wall for recently built hosts that are unable to verify the server''s certs. The usual is not working. on the puppet agent machine: find /var/lib/puppet/ssl -type f -delete on puppet master: puppetca --clean <new_host_cert> on agent: puppetd --server puppet --waitforcert 2 --no-daemonize -d -o on puppet master: puppetca --sign

I have a puppet master install which uses puppetdb. I also have puppet dashboard installed with the inventory service running. I want multiple puppet masters using a single puppetDB server. Puppetdb is installed on separate vm. How can I get the dashboard inventory to use the puppetdb server to get the inventory records? Where do I configure the dashboard inventory so it uses puppetdb? I

I am trying to come up with a workable solution in managing numerous Mac workstations allowing a high degree of flexibility with regards to certs. My puppet environment is setup to application installation on machines that have been ''imaged'' with a base OS and the puppet and facter apps. So, when a Mac is ''imaged'' and subsequently re-booted, puppet is run at

Hey Folks, I''m looking at doing automated provisioning of new servers and am trying to integrate puppet into this process. What I''m wondering though is what the best process for securely registering a new node is. At the moment the first time puppet is run I have to then accept the certificate on the puppetmaster and then run puppet again. What I would like to do is accept the

Hi. When registering a new client with the puppetmaster I get the following error: [root@host ~]# puppetd --server puppetmaster --waitforcert 50 --test info: Creating a new certificate request for host info: Creating a new SSL key at /var/lib/puppet/ssl/private_keys/ host.pem warning: peer certificate won''t be verified in this SSL session err: Could not call puppetca.getcert:

Hi, I''ve setup the puppetmaster to start 5 processes each listening on a different port, with an Apache server in front. This works fine for existing clients, however when I try to add a new client (ie. a newly installed machine with no previous puppet configuration) I get this error: err: Could not request certificate: sslv3 alert handshake failure error Any ideas what''s

All, I have --confdir=/etc/puppet/common in my /etc/init.d/puppetmaster and /etc/init.d/puppet files, vardir set to /var/lib/puppet in /etc/puppet/common/puppet.conf, and yet, every time I run puppetca it creates /etc/puppet/ssl. Anyone know why? Doug. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email

Hello, I try to install puppet on freebsd 6.X. All is well but i cannot get the certificte to install and be recognized. I run .19.3. I run the puppetd --test --waitforcert 60 then sign and then i got: err: No certificate; running with reduced functionality. info: Creating a new SSL key at /usr/local/.aqadmin/puppet/conf/ssl/private_keys/xxxxxxxxxxxxxx.pem info: Creating a new certificate