Try puppetd --test --waitforcert 15 I think it's complaining about waitforcert because you need that flag to retrieve the cert from the server.
But it would have been nice to see the actual command you used to produce that error. :) The number is the interval that the puppet client will pause between requests to the server for it's cert and is a required parameter. At that point, back on the server you should see what facter considers to be the fqdn of the requesting machine when you issue puppetca --list Then sign puppetca --sign host.domain.com I'd recommend turning off autosign on the puppet master as it's a security risk. Hope that is helpful. Sent from my iPhone On Mar 11, 2011, at 8:04 AM, Romain Pelisse <bela...@gmail.com> wrote: > Hi, > > I'm using puppet on EC2 to setup my VMs with the following configuration: > > # puppetd --version > 0.25.5 > # uname -a > Linux hostname.domain 2.6.16-xenU #1 SMP Mon May 28 03:41:49 SAST 2007 i686 > i686 i386 GNU/Linux > > But I keep facing some timeout from puppetd: > > warning: peer certificate won't be verified in this SSL session > Exiting; failed to retrieve certificate and waitforcert is disabled > > Puppetmaster is running on autosign, and I can see in the puppetmaster logs > that the puppets are actually able to connect and request a certificate: > > info: Could not find certificate for 'hostname.domain' > > But, nothing else seems to happens on puppetmaster side and the puppetd > finally timeout. > > Did anybody runned into this situation ? Any idea on what could be triggering > this ? > > -- > Romain PELISSE, > "The trouble with having an open mind, of course, is that people will insist > on coming along and trying to put things in it" -- Terry Pratchett > http://belaran.eu/wordpress/belaran > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
