Issue #21386 has been updated by Benoît Allard.

Autosign is on

icacls after puppet ran:

    C:\Windows\system32>icacls c:\ProgramData\PuppetLabs\puppet\etc\ssl
    c:\ProgramData\PuppetLabs\puppet\etc\ssl BUILTIN\Administrators:(F)
                                             NT AUTHORITY\SYSTEM:(RX,W,DC)
                                             Everyone:(Rc,S,X,RA)
                                             CREATOR OWNER:(CI)(IO)(F)
                                             CREATOR GROUP:(CI)(IO)(RX,W,DC)
                                             CREATOR OWNER:(OI)(IO)(R,W,D,WDAC,WO,DC)
                                             CREATOR GROUP:(OI)(IO)(R,W,DC)

    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>

The provided sequence of operations doesn't help, as the first thing puppet does 
when it starts is setting back the permissions settings on its own directories 
(including puppet\etc\ssl).

This is the output of the reset and the permissions afterwards:

    C:\Windows\system32>icacls c:\ProgramData\PuppetLabs\puppet\etc\ssl /reset /t
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl\certificate_requests
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl\certs
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl\crl.pem
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl\private
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl\private_keys
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl\public_keys
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl\certificate_requests\<certname>.pem
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl\certs\ca.pem
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl\certs\<certname>.pem
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl\private_keys\<certname>.pem
    processed file: c:\ProgramData\PuppetLabs\puppet\etc\ssl\public_keys\<certname>.pem
    Successfully processed 12 files; Failed processing 0 files

    C:\Windows\system32>icacls c:\ProgramData\PuppetLabs\puppet\etc\ssl
    c:\ProgramData\PuppetLabs\puppet\etc\ssl NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
                                             BUILTIN\Administrators:(I)(OI)(CI)(F)
                                             CREATOR OWNER:(I)(OI)(CI)(IO)(F)
                                             BUILTIN\Users:(I)(OI)(CI)(RX)
                                             BUILTIN\Users:(I)(CI)(WD,AD,WEA,WA)

    Successfully processed 1 files; Failed processing 0 files

    C:\Windows\system32>

Hope this helps.

----------------------------------------
Bug #21386: Puppet Master (3.2.2/CentOs) -> Puppet Agent (3.2.2/W2008)
https://projects.puppetlabs.com/issues/21386#change-93657

* Author: Darren Ledger
* Status: Needs More Information
* Priority: Normal
* Assignee: Darren Ledger
* Category: SSL
* Target version: 
* Affected Puppet version: 3.2.2
* Keywords: 3.2.2, SSL windows
* Branch: 
----------------------------------------
Hello,

I am experiencing this issue.

    Could not retrieve domain: undefined method `gsub' for nil:NilClass
    Could not retrieve domain: undefined method `gsub' for nil:NilClass
    Could not retrieve domain: undefined method `gsub' for nil:NilClass
    Error: Failed to apply catalog: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A

With PMaster -> PAgent = 3.2.2 and CentOs, no issue.

Please advise.

