On Fri, Oct 9, 2015 at 4:35 AM, Dan <[email protected]> wrote: > Hi Wyatt, > > Thanks for the pointer! I found the full stack trace which gives a better > error: > > I just need to workout how to configure the SSL configuration now.
Try `puppetdb ssl-setup` on the command line. It requires that you've done a full puppet agent run first, since it re-uses Puppet's SSL certs/key files. Otherwise, you can create new ones manually using the `puppet cert` tooling: https://docs.puppetlabs.com/references/4.2.0/man/cert.html. Just be mindful that normal SSL validation rules apply here with the certificate hostnames. So you must match the real clients hostname, much like a browser, or the client will reject the server. > > > 2015-10-09 20:28:24,184 INFO [p.p.pdb-routing] Starting PuppetDB, entering > maintenance mode > 2015-10-09 20:28:24,257 INFO [p.t.s.n.nrepl-service] nREPL service > disabled, not starting > 2015-10-09 20:28:24,258 INFO [p.t.s.w.jetty9-service] Starting web > server(s). > 2015-10-09 20:28:24,293 ERROR [p.t.internal] Error during service start!!! > java.lang.IllegalArgumentException: Missing some SSL configuration; must > provide either :ssl-cert, :ssl-key, and :ssl-ca-cert, OR :truststore, > :trust-password, :keystor > e, and :key-password. > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28763$get_jks_keystore_config_BANG___28764$fn__28768.invoke(jetty9_config.clj:288) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28763$get_jks_keystore_config_BANG___28764.invoke(jetty9_config.clj:282) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28787$get_keystore_config_BANG___28788$fn__28789.invoke(jetty9_config.clj:307) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28787$get_keystore_config_BANG___28788.invoke(jetty9_config.clj:300) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28963$maybe_get_https_connector__28964$fn__28965.invoke(jetty9_config.clj:399) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28963$maybe_get_https_connector__28964.invoke(jetty9_config.clj:390) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval29004$maybe_add_https_connector__29005$fn__29006.invoke(jetty9_config.clj > > > Thanks > > Dan > > On Friday, 9 October 2015 01:18:08 UTC+1, Wyatt Alt wrote: >> >> Hey Dan, >> >> I see the bottom of a java stacktrace in your log snippet there -- could >> you get the full stacktrace from journalctl and stick it in a gist? >> >> Wyatt > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/03974e18-839d-4aab-bddc-f4c42a9928c7%40googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTmdD6eUKrD34-4dP16ybhuZLO0Qw2d8NUBeut5MMb3jVA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
