Hi SirHopcount, How did you install PuppetDB? Is there any chance that any of your certs (agent / master) have changed since the time when you installed?
I've found that sometimes the easiest way to get things fixed up when you have this problem is to do the following: 0) Stop puppetdb 1) remove PuppetDB's SSL directory entirely (usually /etc/puppetdb/ssl) 2) make sure that the agent on the puppetdb machine can run successfully against the master (puppet agent --test, sounds like you've already done this. 3) Run the puppetdb-ssl-setup script (which should be in your sbin directory) 4) Restart puppetdb If that doesn't fix it, the next things I would doublecheck are the values in jetty.ini and that the IP addresses / DNS names for your hosts match up with what their certnames are. Please let us know if this doesn't get you moving and we will be happy to assist further. On Wednesday, September 19, 2012 2:00:49 AM UTC-7, SirHopcount wrote: > > Hi All, > > I am having some problems getting PuppetDB and SSL to work. I build an > test environment in Vagrant without any problems but when it try and deploy > it to my production environment I can't seem to get it to work with SSL. I > followed the instructions on the puppetlabs website and I made sure I could > do an successful puppet run before installing PuppetDB: > > (changed the hostname/company name) > > # puppet agent --test > info: Caching catalog for hostname.company.local > info: Applying configuration version '1347960542' > notice: Finished catalog run in 2.04 seconds > > But when I try to reach the dashboard it get an error: > > The connection was interrupted > The connection to xxx.xxx.xxx.xxx:8081 was interrupted while the page > was loading. > > When I check the puppetdb log file I see the following error: > > 2012-09-19 10:39:24,016 WARN [qtp1281335597-66] [io.nio] > javax.net.ssl.SSLException: Received fatal alert: unknown_ca > 2012-09-19 10:39:49,182 WARN [qtp1281335597-67] [io.nio] > javax.net.ssl.SSLHandshakeException: null cert chain > 2012-09-19 10:39:49,218 WARN [qtp1281335597-66] [io.nio] > javax.net.ssl.SSLHandshakeException: null cert chain > 2012-09-19 10:39:49,251 WARN [qtp1281335597-67] [io.nio] > javax.net.ssl.SSLProtocolException: handshake alert: no_certificate > > I checked the jetty.ini file and made sure both the keystore and > truststore exist. It also has an key-password and trust-password set. I > changed the jetty.ini file to allow http connections and then I can reach > the dashboard via http without any problems. Does anybody have an idea what > could be wrong ? > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/XftI1lGbfloJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
