On Sun, Jan 31, 2010 at 11:13 AM, Alan Sparks <[email protected]>wrote:
> I've a manifest that is trying to use a fileserver resource I've > configured on a second puppetmaster. The second puppetmaster is > actually working as the main puppetmaster for my domain - this new > puppetmaster is one I've set up to test migrating to new manifests. > To simplify an environment with multi puppetmasters, your primary puppetmaster should serve as the CA for all clients as well the secondary puppet masters. you can disable the CA functionality on the secondary puppet masters as follows. [puppetmasterd] ca = false then the clients should specify which CA they will use [puppetd] ca_server = primarypuppetmaster.blah.net the secondary puppet masters should authenticate with the primary puppetmaster before any clients connect. Let me know if this resolves your issue. -Dan > Unfortunately, I've re-entered SSL hell trying to access the "software" > fileserver on the second puppetmaster: > Failed to retrieve current state of resource: Certificates were not > trusted: certificate verify failed Could not describe > /software/stock-rx-db.sql: Certificates were not trusted: certificate > verify failed > > Trying to use a reference like: > source => "puppet://$my_sw_fileserver/software/stock-rx-db.sql" > > This is on Puppet 0.24.8. Is there something "special" that needs to be > done to have a Puppet client trust a second fileserver/puppetmaster? > > Thanks in advance for any advice. > -Alan > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<puppet-users%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
