Hello Everybody, I do
curl -vs --key /etc/foreman-proxy/foreman_ssl_key.pem --cacert /etc/foreman-proxy/foreman_ssl_ca.pem --cert /etc/foreman-proxy/foreman_ssl_cert.pem https://puppet.example.com:9090/features It works well and when i do curl -vs --key /etc/foreman-proxy/foreman_ssl_key.pem --cacert /etc/foreman-proxy/foreman_ssl_ca.pem --cert /etc/foreman-proxy/foreman_ssl_cert.pem https://puppet.example.com:9090/puppet/environments I get this error Failed to list puppet environments: SSL_CTX_use_PrivateKey: key values mismatch Can anyone help me ? CentOS Linux release 7.2.1511 puppetserver-2.7.2-1 puppet-agent-1.10.0-1 foreman-proxy-1.14.3-1 foreman-proxy-content-3.3.1-1 I have foreman smart proxy with katello, and a smart proxy with puppetca and master I have the same result from puppet.example.com or katello.example.com from smart proxy with puppetca and master -> puppet.example.com cat /etc/foreman-proxy/settings.d/puppet_proxy_puppet_api.yml # # puppet_proxy_pupppet_api module is used for puppet versions 4.0 and higher # # puppet_proxy_pupppet_api is configured automatcially based on # :puppet_version setting in smart-proxy's puppet.yml configuration file. # --- # URL of the puppet master itself for API requests. :puppet_url: https://puppet.example.com:8140 # # SSL certificates used to access the puppet API :puppet_ssl_ca: /etc/puppetlabs/puppet/ssl/certs/ca.pem :puppet_ssl_cert: /etc/puppetlabs/puppet/ssl/certs/puppet.example.com.pem :puppet_ssl_key: /var/lib/puppet/ssl/private_keys/puppet.example.com.pem curl -vs --key /etc/puppetlabs/puppet/ssl/private_keys/puppet.example.com.pem --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem --cert /etc/puppetlabs/puppet/ssl/certs/puppet.example.com.pem https://puppet.example.com:8140/puppet/v3/environments * About to connect() to puppet.example.com port 8140 (#0) * Trying 10.223.23.171... * Connected to puppet.example.com (10.223.23.171) port 8140 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/puppetlabs/puppet/ssl/certs/ca.pem CApath: none * NSS: client certificate from file * subject: CN=puppet.example.com * start date: May 02 14:59:10 2017 GMT * expire date: May 02 14:59:10 2022 GMT * common name: puppet.example.com * issuer: CN=Puppet CA: puppet.example.com * SSL connection using TLS_RSA_WITH_AES_256_CBC_SHA * Server certificate: * subject: CN=puppet.example.com * start date: May 01 14:06:20 2017 GMT * expire date: May 01 14:06:20 2022 GMT * common name: puppet.example.com * issuer: CN=Puppet CA: puppet.example.com > GET /puppet/v3/environments HTTP/1.1 > User-Agent: curl/7.29.0 > Host: puppet.example.com:8140 > Accept: */* > < HTTP/1.1 200 OK < Date: Wed, 03 May 2017 15:00:40 GMT < Content-Type: application/json < X-Puppet-Version: 4.10.0 < Content-Length: 721 < Server: Jetty(9.2.z-SNAPSHOT) < * Connection #0 to host puppet.example.com left intact {"search_paths":["file:///etc/puppetlabs/code/environments","data:text/plain,internal"],"environments":{"test":{"settings":{"modulepath":["/etc/puppetlabs/code/environments/test/modules","/etc/puppetlabs/code/environments/common","/etc/puppetlabs/code/modules","/opt/puppetlabs/puppet/modules"],"manifest":"/etc/puppetlabs/code/environments/test/manifests","environment_timeout":0,"config_version":""}},"production":{"settings":{"modulepath":["/etc/puppetlabs/code/environments/production/modules","/etc/puppetlabs/code/environments/common","/etc/puppetlabs/code/modules","/opt/puppetlabs/puppet/modules"],"manifest":"/etc/puppetlabs/code/environments/production/manifests","environment_timeout":0,"config_version":""}}} It works well -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
