By "home directory" I mean /home, where the directory /home/dpasacrita, and where (importantly) /home/dpasacrita/.puppet is. This is where the certificates are stored if I'm understanding this right, and this issue is apparently with the master's certificate.
I cannot run any puppet cert clean operation, it will give the same error as before. $ puppet cert clean [Agent FQDN] Error: The certificate retrieved from the master does not match the agent's private key. Certificate fingerprint: 07:A8:41:FA:6D:00:3D:93:A3:74:CA:74:A3:6B:16:26:0A:A8:81:26:24:10:D7:D1:C4:70:60:AE:A5:68:D2:B0 To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate. On the master: puppet cert clean master.crownawards.com On the agent: rm -f /home/dpasacrita/.puppet/ssl/certs/master.crownawards.com.pem puppet agent -t On Monday, May 5, 2014 10:49:40 AM UTC-4, Felix.Frank wrote: > > What do you mean by "home directory"? > > To clean an agent's certificate, use puppet cert clean, but with with > the agent's FQDN as its argument, not the master's FQDN. > > On 05/05/2014 04:35 PM, Dan Pasacrita wrote: > > Well my thinking was that since the certificate is stored in the home > > directory, messing with the home directory somehow changed the masters > > certificate, which is why none of the agent's keys match it. I really > > don't know though, I'm kinda new to puppet and linux. In any case, I > > can't clean the agent certificates from the master since I can't run the > > command to do so, unless there's a way to do it manually. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3b37faf5-eb77-4abb-8284-7aae7e368391%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
