I've removed /var/lib/puppet and /etc/puppet/ssl multiple times (removing the cert from the puppetmaster as well) with no luck.
The times are in sync... Is really strange. On Feb 22, 12:27 pm, Denmat <tu2bg...@gmail.com> wrote: > Hi, > Not sure on this but it looks like puppet is having issues reading> > /var/lib/puppet/lib > > Other things with SSL issues is to make sure your clocks are up to date, that > you're using the right cert name if needed and DNS working correctly. > > Hope it helps. > > Den > > On 23/02/2011, at 6:53, Roberto Bouza <bouz...@gmail.com> wrote: > > > > > This is the first time is happening... and It happens consecutively > > with all the hosts. > > > Fresh kickstarted host (never set up before the name so its not on the > > revocation list), I just run puppetd -tv (we have autosign on), I just > > get the output below: > > > [root@server182 puppet]# puppetd -tv > > info: Creating a new SSL key for server182.domain.com > > warning: peer certificate won't be verified in this SSL session > > info: Caching certificate for ca > > warning: peer certificate won't be verified in this SSL session > > warning: peer certificate won't be verified in this SSL session > > info: Creating a new SSL certificate request for server182.domain.com > > info: Certificate Request fingerprint (md5): 7A: > > 41:F8:1E:E4:46:21:95:BC:95:D1:D6:C8:1D:88:9F > > warning: peer certificate won't be verified in this SSL session > > warning: peer certificate won't be verified in this SSL session > > info: Caching certificate for server182.domain.com > > info: Retrieving plugin > > err: /File[/var/lib/puppet/lib]: Failed to generate additional > > resources using 'eval_generate': sslv3 alert certificate revoked > > err: /File[/var/lib/puppet/lib]: Could not evaluate: sslv3 alert > > certificate revoked Could not retrieve file metadata for > > puppet://puppet/plugins: > > sslv3 alert certificate revoked > > info: Creating state file /var/lib/puppet/state/state.yaml > > err: Could not retrieve catalog from remote server: sslv3 alert > > certificate revoked > > warning: Not using cache on failed catalog > > err: Could not retrieve catalog; skipping run > > > On the server I get: > > > server182.domain.com (81:41:53:FC:9F:27:EE:46:20:E9:C6:98:59:DF:0A:06) > > (certificate revoked) > > > Something to notice is that the server gets it's IP from the DHCP > > server, then when puppetized the IP gets changed to the one published > > on DNS. But the DNS entry is already there so I don't know if the > > puppetmaster check the IP based on the name and since it's different > > it has this behavior. > > > Any help will be appreciated. > > > Thx. > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to puppet-users@googlegroups.com. > > To unsubscribe from this group, send email to > > puppet-users+unsubscr...@googlegroups.com. > > For more options, visit this group > > athttp://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
