Issue #13583 has been updated by Patrick Carlisle. Status changed from Investigating to Needs More Information Assignee set to Florian Koch
---------------------------------------- Bug #13583: Unable to use puppetca https://projects.puppetlabs.com/issues/13583#change-60517 Author: Florian Koch Status: Needs More Information Priority: High Assignee: Florian Koch Category: Target version: Affected Puppet version: 2.7.12 Keywords: puppetca puppet cert The certificate retrieved from the master does not match the agent's private key. Branch: Hi, i have some wired issue, i have a foreman-proxy server, build from scratch, i can execute puppet cert without problems puppet cert --list --all notice: Signed certificate request for ca notice: Rebuilding inventory file if i run puppet agent to connect the server to my puppetmaster, all went fine, but if i try to generate a cert after the puppetrun i get puppet cert generate test The certificate retrieved from the master does not match the agent's private key. Certificate fingerprint: D1:B4:88:24:24:31:FA:13:90:FA:1F:8A:CB:BF:2D:AB To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate. On the master: puppet cert clean foreman-proxya01.example.com On the agent: rm -f /var/lib/puppet/ssl/certs/foreman-proxya01.example.com.pem puppet agent -t if i remove /var/lib/puppet/ssl i can use puppet cert again [root@foreman-proxya01 ~]# puppet cert generate test notice: Signed certificate request for ca notice: Rebuilding inventory file notice: test has a waiting certificate request notice: Signed certificate request for test notice: Removing file Puppet::SSL::CertificateRequest test at '/var/lib/puppet/ssl/ca/requests/test.pem' notice: Removing file Puppet::SSL::CertificateRequest test at '/var/lib/puppet/ssl/certificate_requests/test.pem' err: Could not call generate: Could not find certificate request for test [root@foreman-proxya01 ~]# puppet cert --list --all + test (B3:56:37:6C:9C:8D:FA:C8:62:2A:3E:90:C8:8F:01:4F) [root@foreman-proxya01 ~]# any idea? rgdf flo -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
