Hi Patrick,
On Thu, May 8, 2014 at 12:50 PM, Patrick Auld <patr...@patrickauld.com>wrote: > I installed Puppet 3.5.1 on Windows 7 from the MSI. I've run a few 'puppet > apply' commands and things appear to be working. We are not using a master > node for our current use case so I haven't set one up. The Windows Puppet > service is also disabled. When I try to install a module from the Forge I > get this SSL error: > > Error: Could not connect via HTTPS to https://forge.puppetlabs.com > Unable to verify the SSL certificate > The certificate may not be signed by a valid CA > The CA bundle included with OpenSSL may not be valid or up to date > > I haven't touched any of the puppet conf yet. Is a master node required to > install modules? I'm still getting started but from what I've read it does > not, so I'm a little unsure if this is an error in from MSI or if action is > required on my part. Thanks in advance. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/57e030f9-1fe0-40fd-a879-9c72c138cc35%40googlegroups.com<https://groups.google.com/d/msgid/puppet-users/57e030f9-1fe0-40fd-a879-9c72c138cc35%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > Due to the heartbleed vulnerability we obtained new SSL certificates for all SSL web servers and services. Previously, our certificate was issued by GeoTrust, but the new one is issued from UserTrustNetwork. Unfortunately, the new CA is not trusted by Windows out of the box, nor when running Windows update to install the latest cert bundle. We are working on obtaining a new SSL certificate for the forge. In the meantime, you can manually install the UserTrustNetwork CA into your Windows root certificate store. We do something similar during acceptance testing: https://github.com/puppetlabs/puppet/blob/master/acceptance/setup/git/pre-suite/070_InstalCACerts.rb#L62-L65 Make sure to verify the certificate prior to installing it due to the security implications. Josh -- Josh Cooper Developer, Puppet Labs *Join us at PuppetConf 2014 <http://www.puppetconf.com/>, September 22-24 in San Francisco* *Register by May 30th to take advantage of the Early Adopter discount <http://links.puppetlabs.com/puppetconf-early-adopter> **—**save $349!* -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CA%2Bu97um30N%3DOtkweCjRabUp53oqwnM%2BiVTbJ_0jKXpYn5Sj_rg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
