Issue #17672 has been reported by Gary Larizza. ---------------------------------------- Feature #17672: As long as the agent's certificate is not found, the certificate fingerprint should be printed with every Puppet run. https://projects.puppetlabs.com/issues/17672
Author: Gary Larizza Status: Unreviewed Priority: Normal Assignee: Category: Target version: Affected Puppet version: 2.7.19 Keywords: certificate fingerprint agent Branch: Please feel free to clean up the Subject. When an agent generates a certificate signing request, the certificate fingerprint is printed: <pre> info: Creating a new SSL key for new.cert info: Creating a new SSL certificate request for new.cert info: Certificate Request fingerprint (md5): E5:CA:E0:41:EC:94:CA:5C:73:22:7B:79:CE:10:CD:71 Exiting; no certificate found and waitforcert is disabled </pre> As long as a certificate isn't found, Puppet will not connect with the Master and retrieve a catalog. The problem then becomes comparing the certificate fingerprint on the agent with the fingerprint presented to the master (i.e. the output of `puppet cert list`). Right now you can run `puppet agent --fingerprint` to display the certificate fingerprint, but I think it would be helpful if the fingerprint is printed along with the `Exiting; no certificate found and waitforcert is disabled` message (that way you can validate that not only is the certificate coming from WHERE you expect it, but the fingerprint matches exactly). -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
