Yes, I do have a hardcoded certificate name in my master section. That's why I my agent cert issue was so unexpected. Oh well, I guess all's well that ends well.
I just think I'll disable the repo and not do upgrades for a long time, now that I'm at 3.1. These little glitches make little grey hairs after awhile and snip off a few minutes of life expectancy. Speaking in generalites, of course. Puppet is wonderful. : -) On Friday, February 8, 2013 3:39:41 PM UTC-5, Jo wrote: > > On Feb 7, 2013, at 5:50 AM, Dominic Cleal wrote: > > Sorta puzzles me. Why would this mismatched agent certificate on > > puppetmaster interfered with other puppet agent runs? > > > The same certificate that is used for the agent on the master server is > also used for the master process itself (inbound connections). > > > Only if you let your puppet server use the host it's running on FQDN, > which I devoutly disagree with in practice. Best to keep them separate by > putting a hardcoded certname in the [master] section to avoid these kinds > of problems. > > -- > Jo Rhett > Net Consonance : net philanthropy to improve open source and internet > projects. > > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
