Hello, I came looking for this exact error, but specifying "--server puppetmaster.domain" or setting "server = puppetmaster.domain" in puppet.conf doesn't allow a successful run of puppet. The error is the same as Paul had above:
Error: Could not request certificate: SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: (null) But `openssl s_client -connect puppetmaster.domain:8140` works just fine. There are no DNS alternative names and we only have one puppetmaster. Does anybody have an idea? Thanks! -Brian On Tuesday, February 11, 2014 1:56:25 PM UTC-6, Paul Tötterman wrote: > > Paul, that ssl error looks like the following post on puppet-users: >> https://groups.google.com/forum/#!topic/puppet-users/4-6EimF_-NY/discussion, >> which relates to SNI. >> > > Thank you for pointing me in the right direction. > > >> Adding a server alias to your puppetmaster vhost may resolve your >> problem. This is a change in ruby after 1.9.0, so it wouldn't have been in >> system ruby on OSX before mavericks. >> > > I can run the agent with --server puppet.$domain or by setting the server > in the config file. But I had no success in adding aliases to my > puppet/passenger/apache config. After trying to add the required apache > directives (NameVirtualHost, ServerName and ServerAlias) and restarting > apache, no puppet agents would communicate properly with the master. > > So I guess I'm going to go with server in puppet.conf for now. > > Thanks, > Paul > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/0bcc83a0-d9b7-4cca-adfb-66289c418be1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
