Issue #19680 has been reported by Deven Phillips.
----------------------------------------
Bug #19680: puppet ca list --all fails with "Error: The certificate retrieved
from the master does not match the agent's private key."
https://projects.puppetlabs.com/issues/19680
Author: Deven Phillips
Status: Unreviewed
Priority: Normal
Assignee:
Category:
Target version: 3.1.0
Affected Puppet version: 3.1.0
Keywords: puppet ca cert certificate private key mismatch
Branch:
On my puppetmaster server (using Apache, PhusionPassenger, puppet 3.1.0-1 on
Debian Squeeze), attempting to run "puppet ca list --all" fails with:
Error: The certificate retrieved from the master does not match the agent's
private key.
Certificate fingerprint: [[REDACTED]]
To fix this, remove the certificate from both the master and the agent and
then start a puppet run, which will automatically regenerate a certficate.
On the master:
puppet cert clean [[REDACTED]]
On the agent:
rm -f /etc/puppet/ssl/certs/[[REDACTED]].pem
puppet agent -t
Error: Try 'puppet help ca list' for usage
I have used "openssl x509 -in /path/to/cert.pem -fingerprint -md5 -nooout" to
check the fingerprints on all certs and they DO match.
Additionally, running "puppet cert list --all" works without issue.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
