Hi Manula, 1) I moved ssl to temporary folder in puppet agent. : ssl sudo mv /var/lib/puppet/ssl /var/lib/puppet/s4 2) delete the certificates in agent : sudo find /var/lib/puppet/ssl -name 009209021511.default.nodejsdevelopment.puppet.pem -delete 3) in master also i have cleared the certificates.
Then i ran puppet agent again. Following is the output I get. ubuntu@009209021511:~$ sudo puppet agent --disable && sudo puppet agent --enable && sudo puppet agent -vt --waitforcert=60 Warning: Setting templatedir is deprecated. See http://links.puppetlabs.com/env-settings-deprecations (at /usr/lib/ruby/vendor_ruby/puppet/settings.rb:1139:in `issue_deprecation_warning') Info: Creating a new SSL key for 009209021511.default.nodejsdevelopment.puppet Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml Info: Creating a new SSL certificate request for 009209021511.default.nodejsdevelopment.puppet Info: Certificate Request fingerprint (SHA256): 17:55:A8:4A:18:C7:57:3F:93:74:B8:AB:C3:15:33:9F:EF:53:99:2F:9E:75:D1:8B:97:4A:6E:FF:8F:1D:20:B6 Info: Caching certificate for 009209021511.default.nodejsdevelopment.puppet Info: Caching certificate_revocation_list for ca *Error: Could not request certificate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate revoked for /CN=puppet]* On Mon, Feb 9, 2015 at 12:29 PM, Manula Waidyanatha <[email protected]> wrote: > "Exiting; failed to retrieve certificate and waitforcert is disabled" > This log says it is waiting for master to sign its certificate. > > If type puppet cert list it wil list all the unsigned certs. > > To fix this you have to manually sign the certificate. > puppet cert sign 009209021511.default.nodejsdevelopment.puppet > > > > > On Mon, Feb 9, 2015 at 12:18 PM, Hasitha Weerasinghe <[email protected]> > wrote: > >> The contents of my puppet masters puppet.conf is follows >> >> >> [main] >> logdir=/var/log/puppet >> vardir=/var/lib/puppet >> ssldir=/var/lib/puppet/ssl >> rundir=/var/run/puppet >> factpath=$vardir/lib/facter >> templatedir=$confdir/templates >> debug=true >> verbose=true >> prerun_command=/etc/puppet/etckeeper-commit-pre >> postrun_command=/etc/puppet/etckeeper-commit-post >> >> >> [master] >> # These are needed when the puppetmaster is run by passenger >> # and can safely be removed if webrick is used. >> ssl_client_header = SSL_CLIENT_S_DN >> ssl_client_verify_header = SSL_CLIENT_VERIFY >> autosign=true >> >> [appfactory] >> environment=appfactory >> >> modulepath=/home/ubuntu/product-af/modules/puppet-manifests/appfactory/modules >> >> templatedir=/home/ubuntu/product-af/modules/puppet-manifests/appfactory/templates >> >> manifest=/home/ubuntu/product-af/modules/puppet-manifests/appfactory/manifests/site.pp >> >> manifestdir=/home/ubuntu/product-af/modules/puppet-manifests/appfactory/manifests/ >> >> >> >> >> >> On Mon, Feb 9, 2015 at 11:51 AM, Manula Waidyanatha <[email protected]> >> wrote: >> >>> Hi Hasith, >>> Looks like autosign is disabled in your puppet masters puppet.conf file. >>> >>> On Mon, Feb 9, 2015 at 11:10 AM, Hasitha Weerasinghe <[email protected]> >>> wrote: >>> >>>> Hi All, >>>> >>>> I followed Apache stratos 4.0.0 [1] >>>> <https://cwiki.apache.org/confluence/display/STRATOS/4.0.0+Creating+a+Cartridge+on+OpenStack> >>>> to create a Nodejs cartridge in openstack. I have added Nodejs puppet >>>> modules to my puppet master following this blog [2] >>>> <http://blog.lasindu.com/2014/08/apache-stratos-how-nodejs-cartridge.html>. >>>> When the successfully build artifact is deployed in s2gitblit, the Nodejs >>>> cartridge instance get spawned. But artifact is not getting deployed in >>>> cartridge. I have cleared the puppet certificates before creating the >>>> snapshot. >>>> >>>> >>>> *puppet_log* file :- >>>> >>>> Removing all existing certificates .. >>>> >>>> Node Id 009209021511.default.nodejsdevelopment >>>> >>>> >>>> Domain puppet >>>> >>>> * Restarting puppet agent >>>> ...done. >>>> hostname stop/waiting >>>> ^[[0;32mInfo: Creating a new SSL key for >>>> 009209021511.default.nodejsdevelopment.puppet^[[0m >>>> ^[[0;32mInfo: csr_attributes file loading from >>>> /etc/puppet/csr_attributes.yaml^[[0m >>>> ^[[0;32mInfo: Creating a new SSL certificate request for >>>> 009209021511.default.nodejsdevelopment.puppet^[[0m >>>> ^[[0;32mInfo: Certificate Request fingerprint (SHA256): >>>> 95:37:CD:32:B1:F9:CF:2B:4F:AD:3C:94:A6:3D:28:9E:29:0E:66:B5:FA:2A:D6:55:08:F6:2D:C4:3E:D9:45:F6^[[0m >>>> ^[[0;32mInfo: Caching certificate for >>>> 009209021511.default.nodejsdevelopment.puppet^[[0m >>>> Exiting; failed to retrieve certificate and waitforcert is disabled >>>> Initialization completed successfully. >>>> >>>> >>>> [1] >>>> https://cwiki.apache.org/confluence/display/STRATOS/4.0.0+Creating+a+Cartridge+on+OpenStack >>>> [2] >>>> http://blog.lasindu.com/2014/08/apache-stratos-how-nodejs-cartridge.htm >>>> l >>>> >>>> -- >>>> *Hasitha Weerasinghe* >>>> *Software Engineer Intern - WSO2 <http://wso2.com/> * >>>> Mobile : +94 776 33 6626 >>>> Email : [email protected] >>>> >>>> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> Regards, >>> Manula Waidyanatha >>> Systems Engineer, WSO2, Inc. >>> Phone: +94 774 195853 >>> Blog: blog.manula.org >>> >> >> >> >> -- >> *Hasitha Weerasinghe* >> *Software Engineer Intern - WSO2 <http://wso2.com/> * >> Mobile : +94 776 33 6626 >> Email : [email protected] >> >> >> >> >> > > > -- > Regards, > Manula Waidyanatha > Systems Engineer, WSO2, Inc. > Phone: +94 774 195853 > Blog: blog.manula.org > -- *Hasitha Weerasinghe* *Software Engineer Intern - WSO2 <http://wso2.com/> * Mobile : +94 776 33 6626 Email : [email protected]
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
