as it turns out the timzones were different. However , now in /var/log/syslog I get Mar 31 18:39:56 debain_client_host puppetd[19020]: Calling puppetca.getcert Mar 31 18:39:57 debian_client_host puppetd[19020]: Could not request certificate: Certificate retrieval failed: Certificate request does not match existing certificate; run 'puppetca --clean debian_client_host'.
I have cleaned the cert on the puppetmasterd and removed the /etc/puppet/ssl directory on the client several times but still get this error. --debug is on but it does not tell me how the certificate is not matching. Appreciate any assistance, Trevor On Fri, Mar 27, 2009 at 7:53 PM, Jason Rojas <[email protected]>wrote: > > The only time I see these errors is when the date on my client is > screwed up. Sorry if that doesn't help. > > -Jason > > On Mar 27, 2009, at 5:57 PM, Trevor <[email protected]> wrote: > > > > > Hello to All, > > > > > > I've setup 5 centos hosts that all work fine but after signing my > > debian client request I get > > > > > > Certificate validation failed; consider using the certname > > configuration option > > > > on the debian client. Never seen this error message before. Several > > times i've rm -rf /etc/puppet/ssl to force it to issue a new > > certificate request, which the puppetmaster sees ans signs no > > problem. But that signed cert just dosen't work for the client. > > > > /var/log/syslog on debian client. > > > > > > Mar 28 00:41:46 puppetd[25663]: Reopening log files > > Mar 28 00:41:46 puppetd[25663]: Creating a new certificate request > > for host > > Mar 28 00:41:46 puppetd[25663]: Creating a new SSL key at /etc/ > > puppet/ > > ssl/private_keys/host.pem > > Mar 28 00:41:46 puppetd[25663]: Did not receive certificate > > > > Mar 28 00:43:46 puppetd[25663]: Got signed certificate > > Mar 28 00:43:46 puppetd[25663]: Starting Puppet client version 0.24.7 > > Mar 28 00:43:49 puppetd[25663]: Caching catalog at /var/lib/puppet/ > > state/localconfig.yaml > > Mar 28 00:43:49 puppetd[25663]: Starting catalog run > > Mar 28 00:43:49 puppetd[25663]: Certificate validation failed; > > consider using the certname configuration option > > > > this puppet was installed by : apt-get install puppet/experimental > > > > how /etc/hosts has an entry > > > > puppet_master_ip puppet > > > > however this is not the name that is in /etc/puppet/puppet.conf > > > > server=FQDN_of_puppet_master > > > > however my other centos clients have no problems with this. Could > > this be a nsswith.conf issue? Both debian and centos have > > > > host files dns > > > > I dont want to change the > > > > [puppetmasterd] > > certname > > > > as suggest in error message since that would break my other clients, > > as I understand it. > > > > Any assistance is appreciated. > > > > Thanks > > > > > > > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
