Skip to content

Instantly share code, notes, and snippets.

@malnick

malnick/gist:8962551

Created February 12, 2014 19:16
Show Gist options
  • Save malnick/8962551 to your computer and use it in GitHub Desktop.
Save malnick/8962551 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
On my agent:
root@timeagent puppet]# rm -rf ssl/
[root@timeagent puppet]# puppet agent -t
Info: Creating a new SSL key for timeagent.puppetlabs.vm
Info: Caching certificate for ca
Info: Creating a new SSL certificate request for timeagent.puppetlabs.vm
Info: Certificate Request fingerprint (SHA256): F7:58:9F:AC:92:9E:44:61:BE:51:05:7D:BB:55:1E:1F:7B:78:A6:7C:09:4D:65:6D:B5:59:8E:AC:B9:CC:D2:E0
Exiting; no certificate found and waitforcert is disabled
[root@timeagent puppet]# puppet agent -t
Info: Caching certificate for timeagent.puppetlabs.vm
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm]
Info: Retrieving plugin
Error: /File[/var/opt/lib/pe-puppet/lib]: Failed to generate additional resources using 'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm]
Error: /File[/var/opt/lib/pe-puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm] Could not retrieve file metadata for puppet://master.puppetlabs.vm/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm]
Info: Loading facts in /etc/puppetlabs/puppet/modules/fundamentals/lib/facter/root_ssh_key.rb
Info: Loading facts in /etc/puppetlabs/puppet/modules/fundamentals/lib/facter/fundamentals_pe_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/iptables_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/postgres_default_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/custom_auth_conf.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/root_ssh_key.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/puppetdb_server_status.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/ip6tables_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/iptables_persistent_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/fundamentals_pe_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/concat_basedir.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/pe_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/windows.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/root_home.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/puppet_vardir.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/facter_dot_d.rb
Error: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm]
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm]
[root@timeagent puppet]#
On my master:
[root@master puppet]# puppet cert --list
"timeagent.puppetlabs.vm" (SHA256) F7:58:9F:AC:92:9E:44:61:BE:51:05:7D:BB:55:1E:1F:7B:78:A6:7C:09:4D:65:6D:B5:59:8E:AC:B9:CC:D2:E0
[root@master puppet]# puppet cert sign --all
Notice: Signed certificate request for timeagent.puppetlabs.vm
Notice: Removing file Puppet::SSL::CertificateRequest timeagent.puppetlabs.vm at '/etc/puppetlabs/puppet/ssl/ca/requests/timeagent.puppetlabs.vm.pem'
Notice:
Notice: You have 2 active and no inactive nodes.
Notice: You are currently licensed for 10 active nodes.
Notice:
Notice: This Puppet Enterprise distribution is licensed to:
Notice: N/A
You are using a complimentary ten node license provided free by Puppet Labs.
Notice:
Notice: Your complimentary license does not include Support & Maintenance. If you
Notice: would like to obtain official Support & Maintenance, please contact us
Notice: for pricing, and to find out about volume discounts.
But my master also can not auth to itself:
[root@master puppet]# puppet agent -t
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm]
Info: Retrieving plugin
Error: /File[/var/opt/lib/pe-puppet/lib]: Failed to generate additional resources using 'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm]
Error: /File[/var/opt/lib/pe-puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm] Could not retrieve file metadata for puppet://master.puppetlabs.vm/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm]
Info: Loading facts in /opt/puppet/share/puppet/modules/postgresql/lib/facter/postgres_default_version.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/pe_puppetdb/lib/facter/puppetdb_server_status.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/stdlib/lib/facter/pe_version.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/stdlib/lib/facter/root_home.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/stdlib/lib/facter/puppet_vardir.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/stdlib/lib/facter/facter_dot_d.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/firewall/lib/facter/iptables_version.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/firewall/lib/facter/ip6tables_version.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/firewall/lib/facter/iptables_persistent_version.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/pe_common/lib/facter/windows.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/auth_conf/lib/facter/custom_auth_conf.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/fundamentals/lib/facter/root_ssh_key.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/fundamentals/lib/facter/fundamentals_pe_version.rb
Info: Loading facts in /opt/puppet/share/puppet/modules/concat/lib/facter/concat_basedir.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/iptables_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/postgres_default_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/custom_auth_conf.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/root_ssh_key.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/puppetdb_server_status.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/ip6tables_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/iptables_persistent_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/fundamentals_pe_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/concat_basedir.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/pe_version.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/windows.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/root_home.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/puppet_vardir.rb
Info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/facter_dot_d.rb
Error: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm]
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=master.puppetlabs.vm]
[root@master puppet]#
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment