On Sat, Feb 5, 2011 at 7:54 PM, Tim Dunphy <[email protected]> wrote: > Hello list!! > > I am a new puppet user and I am having trouble getting the server to > verify the client cert. I know this has been covered before but I have > tried several things and no luck as of yet.
This probably isn't your problem, but I want to post an experience I had with getting the certificates to validate. We inadvertently removed /var/lib/puppet/ssl on the puppetmaster and needed to recertify all of the clients against the new CA the puppetmaster created. The clients would sort of half validate, but still had cert errors. I checked their clocks, I removed the ssl directory on the client, I removed all the files in /var/lib/puppet -- nothing worked. Finally I remembered our puppetmaster is front-ended by nginx -- and it also uses the puppet ssl keys -- and I hadn't restarted it since changing the puppetmaster's keys, etc. Once I restarted it, everything worked again. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
