On Tue, Jan 3, 2012 at 10:54 AM, Christopher Johnston
<[email protected]> wrote:
> I have multiple masters (40+) that reside in remote locations, I want to
> have them send puppet inventory data to a central inventory with mysql.
> Once the data is there I would like puppet dashboard installation use that
> data. I have not been able to get the remote masters to send their data
> back to the central server.
>
> I keep getting an error:
>
> err: Could not retrieve catalog from remote server: Error 400 on eth0:
> certificate verify failed. This is often because the time is out of sync on
> the server or client
>
> On the remote inventory server node I am seeing an SSL error, SSL is being
> used to authenticate the nodes in order to send the inventory data to the
> remote inventory server?
Is the inventory server certificate sign by the same CA as the remote masters?
puppet cert -p inventory_server_cert
...
Issuer: CN=Puppet CA ...
puppet master --configprint certname
puppet_master_cert
puppet cert -p puppet_master_cert
...
Issuer: CN=Puppet CA ...
The puppet_master_cert listed above should be in auth.conf as
specified in this doc:
http://docs.puppetlabs.com/pe/1.2/upgrading.html
Specifically:
# Allow puppet master to save facts to the inventory:
path /facts
auth yes
method save
allow <puppet master's certname>
Thanks,
Nan
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
