Issue #13583 has been updated by Patrick Carlisle. Status changed from Unreviewed to Investigating
Hi, Which of these commands are you running on the puppet master and which on the agent? The error you pasted from `puppet cert generate` is consistent with running it on the agent, which I'm not sure makes sense here. I'm also not sure what you need to generate since at this stage (having already done a puppet run) you should already have a certificate and possibly just need to sign it on the master. ---------------------------------------- Bug #13583: Unable to use puppetca https://projects.puppetlabs.com/issues/13583#change-60516 Author: Florian Koch Status: Investigating Priority: High Assignee: Category: Target version: Affected Puppet version: 2.7.12 Keywords: puppetca puppet cert The certificate retrieved from the master does not match the agent's private key. Branch: Hi, i have some wired issue, i have a foreman-proxy server, build from scratch, i can execute puppet cert without problems puppet cert --list --all notice: Signed certificate request for ca notice: Rebuilding inventory file if i run puppet agent to connect the server to my puppetmaster, all went fine, but if i try to generate a cert after the puppetrun i get puppet cert generate test The certificate retrieved from the master does not match the agent's private key. Certificate fingerprint: D1:B4:88:24:24:31:FA:13:90:FA:1F:8A:CB:BF:2D:AB To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate. On the master: puppet cert clean foreman-proxya01.example.com On the agent: rm -f /var/lib/puppet/ssl/certs/foreman-proxya01.example.com.pem puppet agent -t if i remove /var/lib/puppet/ssl i can use puppet cert again [root@foreman-proxya01 ~]# puppet cert generate test notice: Signed certificate request for ca notice: Rebuilding inventory file notice: test has a waiting certificate request notice: Signed certificate request for test notice: Removing file Puppet::SSL::CertificateRequest test at '/var/lib/puppet/ssl/ca/requests/test.pem' notice: Removing file Puppet::SSL::CertificateRequest test at '/var/lib/puppet/ssl/certificate_requests/test.pem' err: Could not call generate: Could not find certificate request for test [root@foreman-proxya01 ~]# puppet cert --list --all + test (B3:56:37:6C:9C:8D:FA:C8:62:2A:3E:90:C8:8F:01:4F) [root@foreman-proxya01 ~]# any idea? rgdf flo -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
