Hello! Background; We're just in the initial stage of setting up a testenv. for checking out puppet. And a working master and client(s) (ver. 2.6.7 is now started on one of our Suse/Linux servers. I'm about to get a working puppet client (on Solaris 10-09) to connect to the above puppet master. I wanted to have it going as fast as possible so I went to http://projects.puppetlabs.com/projects/puppet/wiki/Puppet_Solaris >From there I was lead to Blastwave and installed it the easiest way I found;
# /opt/csw/bin/pkgutil -U # /opt/csw/bin/pkgutil --install puppet Everything installed nicely but to my suprise no working default's were setup (???), but that has been done now. The version I received was 2.6.6 When I start my pupppet client I get; ................................................................................................................................... ./sbin/puppetd --server puppet-server.lmera.ericsson.se --waitforcert 60 --verbose --test info: Creating a new SSL key for selix063gh.lmera.ericsson.se warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session info: Caching certificate for selix063gh.lmera.ericsson.se err: Could not request certificate: Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key err: Could not retrieve catalog from remote server: Retrieved certificate does not match private key; warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run .................................................................................................................................................................. Searching the net suggests removing '/var/opt/csw/puppet/ssl' from client and running puppetca --clean <hostname> (hostname in this case is selix063gh.lmera.ericsson.se) When I issue 'puppetca --clean selix063gh.lmera.ericsson.se' I get a the response; 'Could not find client certificate or request for selix063gh.lmera.ericsson.se' which isn't particurlarly suprising, since this is a new client and one would expect that its unknown to puppetmaster. However looking on the puppetserver the client is all but unknown ... Listing /var/lib/puppet/ssl/ca/signed gives at hand; .................................................................................................................................................................. -rw-r----- 1 puppet puppet 1021 Mar 31 15:09 puppet- server.lmera.ericsson.se.pem -rw-r----- 1 puppet puppet 908 Apr 26 12:34 puppetc1.lmera.ericsson.se.pem -rw-r----- 1 puppet puppet 912 Apr 26 12:34 selix063gh.lmera.ericsson.se.pem .................................................................................................................................................................. and /var/lib/puppet/ssl/ca/inventory.txt shows; .................................................................................................................................................................. # Inventory of signed certificates # SERIAL NOT_BEFORE NOT_AFTER SUBJECT 0x0001 2011-03-30T13:09:33GMT 2016-03-28T13:09:33GMT /CN=Puppet CA: puppet-server.lmera.ericsson.se 0x0002 2011-03-30T13:09:33GMT 2016-03-28T13:09:33GMT /CN=puppet- server.lmera.ericsson.se 0x0003 2011-04-20T12:11:44GMT 2016-04-18T12:11:44GMT / CN=puppetc1.lmera.ericsson.se 0x0004 2011-04-25T10:34:09GMT 2016-04-23T10:34:09GMT / CN=selix063gh.lmera.ericsson.se 0x0005 2011-04-25T10:34:09GMT 2016-04-23T10:34:09GMT / CN=puppetc1.lmera.ericsson.se .................................................................................................................................................................. Being a puppet rockie it appears that something is very wrong. Err. msg. says 'remove certificate from server' and when i try that from puppetmasterd, I'll get a msg. saying that there is no certificate for the hostname. Removing /var/opt/csw/puppet/ssl from client and running puppetca -- clean <hostname> does not change anything I'll get the same error message nomatter what I try. Anyone having a way out of this ? Rgds, Mat -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
