On Sep 29, 2010, at 8:31 AM, Nan Liu wrote: > On Wed, Sep 29, 2010 at 8:01 AM, Tim <[email protected]> wrote: >> I've setup the puppetmaster to start 5 processes each listening on a >> different port, with an Apache server in front. This works fine for >> existing clients, however when I try to add a new client (ie. a newly >> installed machine with no previous puppet configuration) I get this >> error: >> >> err: Could not request certificate: sslv3 alert handshake failure >> error >> >> Any ideas what's going wrong? > > Does the new client have a certificate signed by Puppet CA? If not, > can you manually generate and distribute a certificate with pupet cert > -g (puppetca in 0.25.5)? > > Is Apache configured for mandatory ssl? The directive is: > SSLVerifyClient require
Just to clarify, mandatory SSL is bad when using puppet. > Any logs from Apache? > > Thanks, > > Nan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
