Also localtime on both boxes seem to be in lockstep and have a cron job that runs ntpdate once a day.
[root@virtcent13:/var/lib/puppet/ssl/certs] #date Sat Feb 5 23:24:46 EST 2011 [root@virtcent10:~] #date Sat Feb 5 23:24:45 EST 2011 (the one second difference was me switching terminals and typing the command) :) On Sat, Feb 5, 2011 at 10:54 PM, Tim Dunphy <[email protected]> wrote: > Hello list!! > > I am a new puppet user and I am having trouble getting the server to > verify the client cert. I know this has been covered before but I have > tried several things and no luck as of yet. > > If I run a puppet test --waitfor cert in the client this is what I get. > > [root@VIRTCENT10:~] #puppetd --test --waitforcert 15 > warning: peer certificate won't be verified in this SSL session > warning: peer certificate won't be verified in this SSL session > warning: peer certificate won't be verified in this SSL session > warning: peer certificate won't be verified in this SSL session > notice: Did not receive certificate > warning: peer certificate won't be verified in this SSL session > notice: Did not receive certificate > warning: peer certificate won't be verified in this SSL session > info: Caching certificate for virtcent10.summitnjhome.com > err: Could not retrieve catalog from remote server: hostname not match > with the server certificate > warning: Not using cache on failed catalog > err: Could not retrieve catalog; skipping run > > > I found a useful link on this problem here: > > http://www.mailinglistarchive.com/html/[email protected]/2010-04/msg00670.html > > and I thought that the problem may have been that I did not specify > the fqdn of the server on the puppetd --test command I had used. So I > rm'd the puppet directory in /var/lib and the config directory in /etc > and then reinstalled the puppet client. Then I ran puppecta --clean > virtcent10.summitnjhome.com on the server. > > At that point I ran the command again specifying the fqdn of the server. > > [root@VIRTCENT10:~] #puppetd --test virtcent13.summitnjhome.com --waitforcert > 15 > warning: peer certificate won't be verified in this SSL session > warning: peer certificate won't be verified in this SSL session > warning: peer certificate won't be verified in this SSL session > warning: peer certificate won't be verified in this SSL session > notice: Did not receive certificate > warning: peer certificate won't be verified in this SSL session > notice: Did not receive certificate > warning: peer certificate won't be verified in this SSL session > notice: Did not receive certificate > warning: peer certificate won't be verified in this SSL session > notice: Did not receive certificate > warning: peer certificate won't be verified in this SSL session > info: Caching certificate for virtcent10.summitnjhome.com > err: Could not retrieve catalog from remote server: hostname not match > with the server certificate > warning: Not using cache on failed catalog > err: Could not retrieve catalog; skipping run > > I'm enclosing more verbose output of puppet test in a hope that a > solution to this problem can be found. > > Thanks in advance! > > > > > -- > GPG me!! > > gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B > -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
