[Puppet Users] PuppetDB remote connection not working with CURL but working with openssl

Thu, 13 Aug 2015 02:45:13 -0700 

Hi,

I am trying to query the puppetdb from a remote server using curl and
https without success.

I have already generated the certificates and move them the remote server.

Using openssl all works ok

First I launch the following command:
openssl s_client -connect puppetdb:8081 -CAfile ca.pem -cert
pentahotest.pem.cer -key pentahotest.pem.priv

Once the connection is stablished I send the url to get the results:
get /v3/nodes
[ {
  "name" : "server1",
  "deactivated" : null,
  "catalog_timestamp" : "2015-08-13T09:12:44.087Z",
  "facts_timestamp" : "2015-08-13T09:12:35.127Z",
  "report_timestamp" : "2015-08-13T09:13:10.401Z"
}
[...]

So certificates are working ok. But If I use CURL with same
certificates it doesn't works

$ curl -vvv -sfG 'https://puppetdb:8081/v3/nodes' --cacert ca_crt.pem
--cert pentahotest.pem.cer --key pentahotest.pem.priv
* STATE: INIT => CONNECT handle 0x600057080; line 1075 (connection #-5000)
* Added connection 0. The cache now contains 1 members
*   Trying X.X.X.X...
* STATE: CONNECT => WAITCONNECT handle 0x600057080; line 1128 (connection #0)
* Connected to puppetdb (X.X.X.X) port 8081 (#0)
* STATE: WAITCONNECT => SENDPROTOCONNECT handle 0x600057080; line 1225
(connection #0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* error setting certificate verify locations:
  CAfile: ca_crt.pem
  CApath: none
* STATE: SENDPROTOCONNECT => PROTOCONNECT handle 0x600057080; line
1239 (connection #0)
* Expire cleared
* Curl_done
* Closing connection 0
* The cache now contains 0 members

Any idea what am I doing wrong?

Best regards

--------------------------------------------------------------------------------------
Juan Sierra Pons                                 j...@elsotanillo.net
Linux User Registered: #257202
Web: http://www.elsotanillo.net Git: http://www.github.com/juasiepo
GPG key = 0xA110F4FE
Key Fingerprint = DF53 7415 0936 244E 9B00  6E66 E934 3406 A110 F4FE
--------------------------------------------------------------------------------------

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CABS%3Dy9tJ5321SNXJKTPgHY-5T4vGj19HNhp-_MPfM7QA1njbRw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to