Displaying 20 results from an estimated 6000 matches similar to: "When running puppetd the cert goes straight up to revoked?"
2010 Apr 21
3
revoked host can't be re-added?
I have a problem I can''t figure out. I was having cert problems with a
host - it seemed to have multiple host names (mot likely from dns
changes in the past) and all the certs were valid. Although it was
giving an error about a cert I could not identify. So I tried:
puppetca --revoke hostname
puppetca --clean hostname
restart puppetmaster
puppetca --list --all
(host does not show up -
2012 Dec 28
1
err: Signing certificate error: Could not render to pson: getaddrinfo: Name or service not known
Hi,
I am trying to bootstrap a new agent from my master node as below.
puppet node_aws bootstrap \
--region us-east-1 \
--image ami-cc5af9a5 \
--login root \
--keyfile /root/.ssh/private.pem \
--install-script=puppet-enterprise \
--installer-payload=/usr/local/puppet/puppet-2.7.0.tar.gz \
--installer-answers=/usr/local/puppet/agent.txt \
--keyname icos-client \
--type t1.micro
Node is created
2013 Oct 04
2
Issue retrieving new certificate on host after original certificate was revoked
Folks --
I am attempting to retrieve a new certificate on a Puppet client whose
certificate was revoked on the Puppet master.
The original certificate was revoked using the command:
# puppet cert --revoke el5-puptest-2.localdomain
I have deleted the /var/lib/puppet/ssl directory on the client, and issued
the following command:
# puppet agent --test --waitforcert=20
This produces the
2011 May 04
2
Puppetmaster revokes just signed certificates
Hi,
I have this problem: when I make a new request and sign the client''s
certificate, then i get a "revoked certificate" error:
err: Could not retrieve catalog from remote server: sslv3 alert certificate
revoked
I am using same version of puppet on master and clients, tried many times,
dates are the same, and cleaned the "ssl" directory.
Can someone help me?
2011 Jul 22
9
Random error in the recovery catalog
Hello,
I randomly errors like this:
Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (err): Could not
retrieve catalog from remote server: end of file reached
Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (notice): Using
cached catalog
Fri Jul 22 09:01:41 +0000 2011 //SERVER.fqdn/Puppet (err): Could not
retrieve catalog; skipping run
Here are the versions:
puppetmaster
2013 Jun 06
2
Trouble getting puppet config from client to master (Certificate verify failed).
Hello,
I''m having trouble between the client and the master. Please help!
*root@r3:~# puppet agent --test*
Info: Caching certificate for r3.pb
Info: Caching certificate_revocation_list for ca
Warning: Unable to fetch my node definition, but the agent run will
continue:
Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate
B: certificate verify failed:
2010 Nov 13
12
certificate verify failed
I am banging my head against the wall for recently built hosts that
are unable to verify the server''s certs. The usual is not working.
on the puppet agent machine:
find /var/lib/puppet/ssl -type f -delete
on puppet master:
puppetca --clean <new_host_cert>
on agent:
puppetd --server puppet --waitforcert 2 --no-daemonize -d -o
on puppet master:
puppetca --sign
2011 Mar 10
2
Puppet Certificate verify failed
Hello,
I am trying to configure a new puppet server on Debian Squeeze, so the
server version will be 2.6.2-4.
I am trying to configure a client running Lenny, the puppet version is
0.25.4-2
I declare the new client with the command :
#puppetd --server puppet.domain.tld --waitforcert 60 --test
on the server :
#puppetca --sign client.domain.tld
When the client finish to execute the first
2012 Aug 28
8
Unable to generate certificate on Puppet Agent through Master
Hi,
I have a puppet master and agent installed. I want to generate and
configure master-agent certificate and followed the steps:
Master:
==========
1. Cleaned up all certificate on Master:
[root@puppet-server manifests]# puppet cert sign --all
No waiting certificate requests to sign
[root@puppet-server manifests]# puppet cert clean --all
notice: Revoked
2024 Jan 24
1
[Bug 3659] New: Certificates are ignored when listing revoked items in a (binary) revocation list
https://bugzilla.mindrot.org/show_bug.cgi?id=3659
Bug ID: 3659
Summary: Certificates are ignored when listing revoked items in
a (binary) revocation list
Product: Portable OpenSSH
Version: 9.2p1
Hardware: All
OS: All
Status: NEW
Severity: minor
Priority: P5
2013 Dec 02
1
imap-login hangs after receiving revoked SSL certificate
Good time of the day!
My English is not very good, excuse me if I said something wrong.
I use dovecot-2.1.16 on Gentoo Linux amd64.
I need to setup dovecot (imap and pop3) for SSL and non-SSL connection
simultaneously. For SSL connections client must submit a valid SSL
certificate. Now SSL part of dovecot.conf looks like this:
-----------------
ssl = yes
ssl_cert =
2011 Jun 15
1
Ruby 1.9.2 - puppetd error "Could not request certificate: SSL_connect returned=1"
Hello,
Running latest Puppet 2.7rc4, Ruby 1.9.2 p180, slackware 13.37 64.
Default (webrick) setup,
no mongrel no apache.
Running puppet master on the main puppet server works fine, no
problem.
Running puppet agent on the same machine works fine, no problem.
Running puppet agent on a client server (separate machine) connecting
to master gives the following error:
"err: Could not request
2013 Jun 12
4
certificate problem
When I try to connect to my new puppet master, I get an error because of
a self-signed certificate:
---snip---
# puppet agent --test --noop
Warning: Unable to fetch my node definition, but the agent run will
continue:
Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server
certificate B: certificate verify failed: [self signed certificate in
certificate chain for /CN=Puppet CA:
2013 Oct 18
1
'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: tlsv1 alert unknown ca
Hi, ppl
I dont know what to do.
I configure a new client do sync with my server. the server accept de
client_cert without errors and then when i run the "puppet agent -t" agaion
i got this error output
info: Retrieving plugin
err: /File[/var/lib/puppet/lib]: Failed to generate additional resources
using ''eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read
server
2013 Nov 01
1
HELP!!! puppet-enterprise-3.1.0-el-6-i386 master/agent test fails
**
I installed PE Master on one VM and Agents on two VMs pointing to master .
Agent1 VM 64 bit works fine , but agent2 VM 32 bit fails with below error.
Only difference is architecture. One more note both the agent nodes were
accepted from Dashboard,so master has both the certificates.
Any help will be greatly appreciated.
puppet-enterprise-3.1.0-el-6-i386]# puppet agent --test
Info:
2012 Aug 10
3
SSL issues - certificate verify failed
Hello readers,
I have this little issue that my puppet client refuses to do anything
because of SSL validation errors. Maybe I''ll just post dump of what
happens, that makes it clear I hope. Does anyone have a suggestion why that
might happen? what I already checked:
On the master:
- Puppet and puppetmaster is running
- Something is listening on Port 8140 (although I cannot
2013 Nov 06
1
PuppetMaster and Puppet Client in the same machine
Hi Dears,
I am installing the puppetmaster server and puppet client is running in the
same machine.
When i running : puppet agent --test --waitforcert 30
I received the error :
Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources
using ''eval_generate'': SSL_connect returned=1 errno=0 state=SSLv3 read
server certificate B: certificate verify failed:
2011 Feb 22
8
auth.conf & namespaceauth.conf : which files belong on the master , and client?
I''m trying to wrap my head around these files...
do both of them need to reside on the client and master?
are there any docs that describe these files and what all the option/
sections are and what they do?
Thanks all....
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To post to this group, send email to
2018 Sep 06
4
Some wishes regarding revoked keys
Hello.
I am trying to play through the following test scenario about
certificate revocation on Ubuntu 18.04, which has OpenSSH of this version:
OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n? 7 Dec 2017
1. A CA key is created
ssh-keygen -t ed25519 -f ca
2. The CA public key is added to ~/.ssh/authorized_keys on some server:
cert-authority ssh-ed25519 AAAA...e ca at yoga
3. A user key is created on a
2019 Sep 16
2
revoking ssh-cert.pub with serial revokes also younger certs
Hi Daminan!
Hmmm... thought about a little...
when i use -vvv with ssh-keygen -Qf i see "debug1:..." So i think, debug
is compiled in.
ssh-keygen --help gives me
ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number] file ...
so... option -z is not the serial of the certificate, it is the
version-number of the KRL-File...
My openssh-Verision from Debian is