Hey Guys!! Thanks for your input! Well it turns out there were some weird things going on with the dns server. Once I addressed those and rm'd the ssl directories (server and client side) and restarted the process everything works!!!
[root@VIRTCENT04:~] #puppetd --test virtcent13.summitnjhome.com --waitforcert 15warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session notice: Did not receive certificate warning: peer certificate won't be verified in this SSL session notice: Did not receive certificate warning: peer certificate won't be verified in this SSL session info: Caching certificate for virtcent04.summitnjhome.com info: Caching certificate_revocation_list for ca info: Caching catalog for virtcent04.summitnjhome.com info: Applying configuration version '1297007418' info: Creating state file /var/lib/puppet/state/state.yaml notice: Finished catalog run in 0.04 seconds HUZZAH!!! Onto the task of creating my puppet config! :-) On Sun, Feb 6, 2011 at 10:25 AM, Rich Rauenzahn <[email protected]> wrote: > On Sat, Feb 5, 2011 at 7:54 PM, Tim Dunphy <[email protected]> wrote: >> Hello list!! >> >> I am a new puppet user and I am having trouble getting the server to >> verify the client cert. I know this has been covered before but I have >> tried several things and no luck as of yet. > > This probably isn't your problem, but I want to post an experience I > had with getting the certificates to validate. > > We inadvertently removed /var/lib/puppet/ssl on the puppetmaster and > needed to recertify all of the clients against the new CA the > puppetmaster created. The clients would sort of half validate, but > still had cert errors. I checked their clocks, I removed the ssl > directory on the client, I removed all the files in /var/lib/puppet -- > nothing worked. > > Finally I remembered our puppetmaster is front-ended by nginx -- and > it also uses the puppet ssl keys -- and I hadn't restarted it since > changing the puppetmaster's keys, etc. > > Once I restarted it, everything worked again. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
