Issue #23061 has been reported by Adam Lewenberg. ---------------------------------------- Bug #23061: Cannot use PuppetDB in a puppet-managed non-production Puppet instance https://projects.puppetlabs.com/issues/23061
* Author: Adam Lewenberg * Status: Unreviewed * Priority: Normal * Assignee: * Category: * Target version: * Affected Puppet version: 2.7.18 * Keywords: * Branch: ---------------------------------------- There seems to be no way to do the following: set up a test-instance of Puppet using PuppetDB that is itself managed by a production Puppet instance. Here are the details. 1. We have a production Puppet environment running Puppet 2.7 on several servers including three servers acting as Puppet Masters, a fourth server that acts as the Puppet CA server, and a fifth server that runs MySQL and contains Puppet stored configs. 2. We have three more servers, servers T1, T2, and T3, different from the servers running our production Puppet instance. Server T1 is configured as a Puppet Master, T2 is a Puppet CA, and T3 is configured to run PuppetDB. These three servers (T1, T2, and T3) act as a test Puppet infrastructure. Note that the Puppet services running on T1, T2, and T3 are separate from the production Puppet services running on the servers listed in #1 above. 3. (Here is the crucial bit.) The three servers T1, T2, and T3 are puppet CLIENTS of the production Puppet service described in #1 above. In this set-up we cannot seem to get the PuppetDB service on T3 to work properly. Every time we attempt to have a Puppet client of the test service check-in, the PuppetDB service on T3 logs the following error: javax.net.ssl.SSLException: Received fatal alert: unknown_ca at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1630) ...more stack trace... -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.
