Issue #20742 has been updated by Mike Szymanski. Assignee deleted (Mike Szymanski)
Here is the curl command (from the HTTP API Docs) that I was using: "curl -k -H 'Accept: s' https://<puppetmaster FQDN>:8140/<environment>/certificate/ca" ---------------------------------------- Bug #20742: unauthenticated clients unable to communicate with puppet master (running in passenger) https://projects.puppetlabs.com/issues/20742#change-91072 * Author: Mike Szymanski * Status: Needs More Information * Priority: Normal * Assignee: * Category: * Target version: * Affected Puppet version: 3.2.0-rc2 * Keywords: * Branch: ---------------------------------------- I am having an issue adding new clients to puppet. The master is not accepting connections from unauthenticated clients, even though my auth.conf that worked with v3.1.1 has not changed. If I test ssl via curl -k, the puppet master returns "can't convert nil into String" to the client. The http log on the master shows a 400 return code. Also note, I'm using passenger & httpd with my puppet master. If I do the certificate generation & signing manually and copy back to the client, it can communicate fine with the master. Here is a snippet of my auth.conf: (I originally had "auth any", but changed to "auth no" to see if it made any difference--which it didn't) <pre> ### Unauthenticated ACLs, for clients without valid certificates; authenticated ### clients can also access these paths, though they rarely need to. # allow access to the CA certificate; unauthenticated nodes need this # in order to validate the puppet master's certificate path /certificate/ca auth no method find allow * # allow nodes to retrieve the certificate they requested earlier path /certificate/ auth no method find allow * # allow nodes to request a new certificate path /certificate_request auth no method find, save allow * </pre> -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
