Ok, i've re-read http://reductivelabs.com/trac/puppet/wiki/CertificatesAndSecurity and some things fell into place (though it still doesn't work :) )
So the CA here is my host puppetbeta which is the master. On it i signed the cert that the puppetsun generated when i ran `puppetd -- test` , using `puppetca --sign puppetsun... ` and when i run `puppetca --list --all` it's happily there. Just to be sure though, (going on my former interpretation of 'signed' as 'created') i did the `puppetca --generate puppetsun` and then copied r...@puppetsun:/var/lib/puppet/ssl# find ./ ./ ./private_keys ./private_keys/puppetsun.its.uq.edu.au.pem ./certs ./certs/ca.pem ./certs/puppetsun.its.uq.edu.au.pem ^ these. Upon running puppetd -vt i get: r...@puppetsun:/var/lib/puppet# /opt/csw/bin/puppetd -vt info: Retrieving plugins warning: Certificate validation failed; consider using the certname configuration option err: /File[/var/lib/puppet/lib]: Failed to generate additional resources during transaction: Certificates were not trusted: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed warning: Certificate validation failed; consider using the certname configuration option err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: Certificates were not trusted: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed Could not describe /plugins: Certificates were not trusted: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed err: Could not retrieve catalog: private method `chomp' called for nil:NilClass which remains the exact same error. The two versions i'm running are: Master: [r...@puppetbeta ssl]# puppet --version 0.24.7 Slave: r...@puppetsun:/opt/csw/bin# ./puppet --version 0.24.7 What's the certname option it talks about? cheers chakkerz --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
