This is a SSL cert issue, not a version issue. You can use puppet cert command on puppet master to check the certificates.
On Mon, Feb 9, 2015 at 3:58 PM, Hasitha Weerasinghe <[email protected]> wrote: > I created a new Ubuntu base image and tried to create a new cartridge. > when I run config.sh, I'm getting following output. > > > Setting up puppet (3.7.4-1puppetlabs1) ... > * Starting puppet > agent > > puppet not configured to start, please edit /etc/default/puppet to enable > > [ OK ] > Processing triggers for libc-bin (2.19-0ubuntu6.5) ... > Processing triggers for ureadahead (0.100.0-16) ... > Copying Stratos facter file to /usr/lib/ruby/1.8 > * Stopping puppet > agent > [ OK ] > Warning: Setting templatedir is deprecated. See > http://links.puppetlabs.com/env-settings-deprecations > (at /usr/lib/ruby/vendor_ruby/puppet/settings.rb:1139:in > `issue_deprecation_warning') > Info: Creating a new SSL key for 182709021544.default.nodejs.af-apptype2 > Info: Caching certificate for ca > Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml > Info: Creating a new SSL certificate request for > 182709021544.default.nodejs.af-apptype2 > Info: Certificate Request fingerprint (SHA256): > B4:74:16:FE:93:02:7F:27:36:67:7D:42:F0:C3:57:90:D4:0E:3F:94:89:30:BD:DC:3C:41:E8:EA:1C:4F:16:7E > Info: Caching certificate for 182709021544.default.nodejs.af-apptype2 > > *Error: Could not request certificate: SSL_connect returned=1 errno=0 > state=SSLv3 read server certificate B: certificate verify failed: [self > signed certificate in certificate chain for /CN=Puppet CA generated on > puppet.appfactory.private.wso2.com > <http://puppet.appfactory.private.wso2.com>]Exiting; failed to retrieve > certificate and waitforcert is disabled* > /bin/rm: cannot remove > ‘/mnt/apache-stratos-cartridge-agent-4.0.0/wso2carbon.lck’: No such file or > directory > > I noticed that in my puppet master I have puppet version 3.7.3 , In puppet > agent I have puppet version 3.7.4. Can it be the cause ? > > > > > > On Mon, Feb 9, 2015 at 1:04 PM, Hasitha Weerasinghe <[email protected]> > wrote: > >> Hi Manula, >> >> 1) I moved ssl to temporary folder in puppet agent. : ssl sudo mv >> /var/lib/puppet/ssl /var/lib/puppet/s4 >> 2) delete the certificates in agent : sudo find /var/lib/puppet/ssl -name >> 009209021511.default.nodejsdevelopment.puppet.pem -delete >> 3) in master also i have cleared the certificates. >> >> Then i ran puppet agent again. >> >> Following is the output I get. >> >> ubuntu@009209021511:~$ sudo puppet agent --disable && sudo puppet agent >> --enable && sudo puppet agent -vt --waitforcert=60 >> Warning: Setting templatedir is deprecated. See >> http://links.puppetlabs.com/env-settings-deprecations >> (at /usr/lib/ruby/vendor_ruby/puppet/settings.rb:1139:in >> `issue_deprecation_warning') >> Info: Creating a new SSL key for >> 009209021511.default.nodejsdevelopment.puppet >> Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml >> Info: Creating a new SSL certificate request for >> 009209021511.default.nodejsdevelopment.puppet >> Info: Certificate Request fingerprint (SHA256): >> 17:55:A8:4A:18:C7:57:3F:93:74:B8:AB:C3:15:33:9F:EF:53:99:2F:9E:75:D1:8B:97:4A:6E:FF:8F:1D:20:B6 >> Info: Caching certificate for >> 009209021511.default.nodejsdevelopment.puppet >> Info: Caching certificate_revocation_list for ca >> >> *Error: Could not request certificate: SSL_connect returned=1 errno=0 >> state=SSLv3 read server certificate B: certificate verify failed: >> [certificate revoked for /CN=puppet]* >> >> >> >> On Mon, Feb 9, 2015 at 12:29 PM, Manula Waidyanatha <[email protected]> >> wrote: >> >>> "Exiting; failed to retrieve certificate and waitforcert is disabled" >>> This log says it is waiting for master to sign its certificate. >>> >>> If type puppet cert list it wil list all the unsigned certs. >>> >>> To fix this you have to manually sign the certificate. >>> puppet cert sign 009209021511.default.nodejsdevelopment.puppet >>> >>> >>> >>> >>> On Mon, Feb 9, 2015 at 12:18 PM, Hasitha Weerasinghe <[email protected]> >>> wrote: >>> >>>> The contents of my puppet masters puppet.conf is follows >>>> >>>> >>>> [main] >>>> logdir=/var/log/puppet >>>> vardir=/var/lib/puppet >>>> ssldir=/var/lib/puppet/ssl >>>> rundir=/var/run/puppet >>>> factpath=$vardir/lib/facter >>>> templatedir=$confdir/templates >>>> debug=true >>>> verbose=true >>>> prerun_command=/etc/puppet/etckeeper-commit-pre >>>> postrun_command=/etc/puppet/etckeeper-commit-post >>>> >>>> >>>> [master] >>>> # These are needed when the puppetmaster is run by passenger >>>> # and can safely be removed if webrick is used. >>>> ssl_client_header = SSL_CLIENT_S_DN >>>> ssl_client_verify_header = SSL_CLIENT_VERIFY >>>> autosign=true >>>> >>>> [appfactory] >>>> environment=appfactory >>>> >>>> modulepath=/home/ubuntu/product-af/modules/puppet-manifests/appfactory/modules >>>> >>>> templatedir=/home/ubuntu/product-af/modules/puppet-manifests/appfactory/templates >>>> >>>> manifest=/home/ubuntu/product-af/modules/puppet-manifests/appfactory/manifests/site.pp >>>> >>>> manifestdir=/home/ubuntu/product-af/modules/puppet-manifests/appfactory/manifests/ >>>> >>>> >>>> >>>> >>>> >>>> On Mon, Feb 9, 2015 at 11:51 AM, Manula Waidyanatha <[email protected]> >>>> wrote: >>>> >>>>> Hi Hasith, >>>>> Looks like autosign is disabled in your puppet masters puppet.conf >>>>> file. >>>>> >>>>> On Mon, Feb 9, 2015 at 11:10 AM, Hasitha Weerasinghe < >>>>> [email protected]> wrote: >>>>> >>>>>> Hi All, >>>>>> >>>>>> I followed Apache stratos 4.0.0 [1] >>>>>> <https://cwiki.apache.org/confluence/display/STRATOS/4.0.0+Creating+a+Cartridge+on+OpenStack> >>>>>> to create a Nodejs cartridge in openstack. I have added Nodejs puppet >>>>>> modules to my puppet master following this blog [2] >>>>>> <http://blog.lasindu.com/2014/08/apache-stratos-how-nodejs-cartridge.html>. >>>>>> When the successfully build artifact is deployed in s2gitblit, the Nodejs >>>>>> cartridge instance get spawned. But artifact is not getting deployed in >>>>>> cartridge. I have cleared the puppet certificates before creating the >>>>>> snapshot. >>>>>> >>>>>> >>>>>> *puppet_log* file :- >>>>>> >>>>>> Removing all existing certificates .. >>>>>> >>>>>> Node Id 009209021511.default.nodejsdevelopment >>>>>> >>>>>> >>>>>> Domain puppet >>>>>> >>>>>> * Restarting puppet agent >>>>>> ...done. >>>>>> hostname stop/waiting >>>>>> ^[[0;32mInfo: Creating a new SSL key for >>>>>> 009209021511.default.nodejsdevelopment.puppet^[[0m >>>>>> ^[[0;32mInfo: csr_attributes file loading from >>>>>> /etc/puppet/csr_attributes.yaml^[[0m >>>>>> ^[[0;32mInfo: Creating a new SSL certificate request for >>>>>> 009209021511.default.nodejsdevelopment.puppet^[[0m >>>>>> ^[[0;32mInfo: Certificate Request fingerprint (SHA256): >>>>>> 95:37:CD:32:B1:F9:CF:2B:4F:AD:3C:94:A6:3D:28:9E:29:0E:66:B5:FA:2A:D6:55:08:F6:2D:C4:3E:D9:45:F6^[[0m >>>>>> ^[[0;32mInfo: Caching certificate for >>>>>> 009209021511.default.nodejsdevelopment.puppet^[[0m >>>>>> Exiting; failed to retrieve certificate and waitforcert is disabled >>>>>> Initialization completed successfully. >>>>>> >>>>>> >>>>>> [1] >>>>>> https://cwiki.apache.org/confluence/display/STRATOS/4.0.0+Creating+a+Cartridge+on+OpenStack >>>>>> [2] >>>>>> http://blog.lasindu.com/2014/08/apache-stratos-how-nodejs-cartridge.htm >>>>>> l >>>>>> >>>>>> -- >>>>>> *Hasitha Weerasinghe* >>>>>> *Software Engineer Intern - WSO2 <http://wso2.com/> * >>>>>> Mobile : +94 776 33 6626 >>>>>> Email : [email protected] >>>>>> >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> [email protected] >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Regards, >>>>> Manula Waidyanatha >>>>> Systems Engineer, WSO2, Inc. >>>>> Phone: +94 774 195853 >>>>> Blog: blog.manula.org >>>>> >>>> >>>> >>>> >>>> -- >>>> *Hasitha Weerasinghe* >>>> *Software Engineer Intern - WSO2 <http://wso2.com/> * >>>> Mobile : +94 776 33 6626 >>>> Email : [email protected] >>>> >>>> >>>> >>>> >>>> >>> >>> >>> -- >>> Regards, >>> Manula Waidyanatha >>> Systems Engineer, WSO2, Inc. >>> Phone: +94 774 195853 >>> Blog: blog.manula.org >>> >> >> >> >> -- >> *Hasitha Weerasinghe* >> *Software Engineer Intern - WSO2 <http://wso2.com/> * >> Mobile : +94 776 33 6626 >> Email : [email protected] >> >> >> >> >> > > > -- > *Hasitha Weerasinghe* > *Software Engineer Intern - WSO2 <http://wso2.com/> * > Mobile : +94 776 33 6626 > Email : [email protected] > > > > > -- Regards, Manula Waidyanatha Systems Engineer, WSO2, Inc. Phone: +94 774 195853 Blog: blog.manula.org
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
