On Thu, Aug 12, 2010 at 8:38 AM, Christian <berwangerchrist...@googlemail.com> wrote: > I have installed on the client and on the server puppet version > 0.25.5. > > The setup was successfully tested with Webrick server on the > puppetserver. Afterwards i switched to passenger (2.2.11) and rack > (1.0.1) on the server. > > Puppetmaster starts successfully with an httpd start. > > Making a certificate request works and signing on the server was also > no problem. However afterwards following message appears. > > /usr/sbin/puppetd --server <SERVER_NAME> --waitforcert 60 -- > test --debug --trace --verbose
<snip> > err: Could not retrieve catalog from remote server: Error 403 on > SERVER: Forbidden request: HOSTNAME(IP_ADDRESSE) access to / > certificate_revocation_list/ca [find] at line 0 > warning: Not using cache on failed catalog > err: Could not retrieve catalog; skipping run > > I set the required puppet.conf settings: > [puppetmasterd] > ssl_client_header = SSL_CLIENT_S_DN > ssl_client_verify_header = SSL_CLIENT_VERIFY > > It seems there are quite a lot of issues around those CA errors > already available. However the most were related to older puppet > versions and declared as fixed already. > > Does somebody have an idea what is going wrong here. > > Thanks a lot > > Christian > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > Did you modify your auth.conf? Look at your auth.conf and put the following lines near the beginning of the file to ensure that it gets evaluated first: path / auth no allow * If it works, then you can be sure it is some permission or authorization problem. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
