Issue #9084 has been updated by Nilesh L.
folks seem to have found a workaround http://groups.google.com/group/puppet-users/msg/72bf694d4e2f3012 http://urgetopunt.com/puppet/2011/09/14/puppet-ruby19.html ---------------------------------------- Bug #9084: Mixing and matching ruby versions for puppetmasterd and puppetd causes a "certificate verify failed" error https://projects.puppetlabs.com/issues/9084 Author: Omar Qureshi Status: Accepted Priority: Normal Assignee: Category: ruby19 Target version: 2.7.x Affected Puppet version: 2.7.3 Keywords: ssl ruby19 ree centos certificate verify failed Branch: Having realised that puppet now works on Ruby 1.9, I decided to forgo the installation of REE and just use Ruby 1.9.2 (installed via RVM) instead for installing puppet. However, doing so and trying to connect for the initial sign to the puppetmaster results in the following error on the client: err: Could not request certificate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed. This is often because the time is out of sync on the server or client First thing I did was made sure ntpd was running on both machines and made sure they were synced to the same server, after that the date difference between the two servers was negligible (couple of ms). Looking on the puppetmaster in the masterhttp.log file I get: [2011-08-17 23:42:30] ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=SSLv3 read client certificate A: tlsv1 alert unknown ca /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/network/http/webrick.rb:44:in `accept' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/network/http/webrick.rb:44:in `listen' /usr/local/rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/webrick/server.rb:173:in `call' /usr/local/rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/webrick/server.rb:173:in `start_thread' /usr/local/rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/webrick/server.rb:162:in `start' /usr/local/rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/webrick/server.rb:162:in `start_thread' /usr/local/rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/webrick/server.rb:95:in `start' /usr/local/rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/webrick/server.rb:92:in `each' /usr/local/rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/webrick/server.rb:92:in `start' /usr/local/rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/webrick/server.rb:23:in `start' /usr/local/rvm/rubies/ree-1.8.7-2011.03/lib/ruby/1.8/webrick/server.rb:82:in `start' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/network/http/webrick.rb:42:in `listen' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/network/http/webrick.rb:41:in `initialize' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/network/http/webrick.rb:41:in `new' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/network/http/webrick.rb:41:in `listen' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/network/http/webrick.rb:38:in `synchronize' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/network/http/webrick.rb:38:in `listen' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/network/server.rb:127:in `listen' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/network/server.rb:142:in `start' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/daemon.rb:124:in `start' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/application/master.rb:202:in `main' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/application/master.rb:144:in `run_command' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/application.rb:307:in `run' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/application.rb:411:in `hook' /usr/local/rvm/gems/ree-1.8.7-2011.03@puppet/gems/puppet-2.7.3/lib/puppet/application.rb:307:in `run Ruby version on puppetmasterd is REE 2011.03. Ruby version on puppetd node is 1.9.2p290. Both running on CentOS 5.6 64-bit. Can anyone else replicate this and clarify this? Many thanks in advance! -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
