On Fri, Oct 9, 2015 at 4:35 AM, Dan <d...@ifunky.net> wrote: > Hi Wyatt, > > Thanks for the pointer! I found the full stack trace which gives a better > error: > > I just need to workout how to configure the SSL configuration now.
Try `puppetdb ssl-setup` on the command line. It requires that you've done a full puppet agent run first, since it re-uses Puppet's SSL certs/key files. Otherwise, you can create new ones manually using the `puppet cert` tooling: https://docs.puppetlabs.com/references/4.2.0/man/cert.html. Just be mindful that normal SSL validation rules apply here with the certificate hostnames. So you must match the real clients hostname, much like a browser, or the client will reject the server. > > > 2015-10-09 20:28:24,184 INFO [p.p.pdb-routing] Starting PuppetDB, entering > maintenance mode > 2015-10-09 20:28:24,257 INFO [p.t.s.n.nrepl-service] nREPL service > disabled, not starting > 2015-10-09 20:28:24,258 INFO [p.t.s.w.jetty9-service] Starting web > server(s). > 2015-10-09 20:28:24,293 ERROR [p.t.internal] Error during service start!!! > java.lang.IllegalArgumentException: Missing some SSL configuration; must > provide either :ssl-cert, :ssl-key, and :ssl-ca-cert, OR :truststore, > :trust-password, :keystor > e, and :key-password. > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28763$get_jks_keystore_config_BANG___28764$fn__28768.invoke(jetty9_config.clj:288) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28763$get_jks_keystore_config_BANG___28764.invoke(jetty9_config.clj:282) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28787$get_keystore_config_BANG___28788$fn__28789.invoke(jetty9_config.clj:307) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28787$get_keystore_config_BANG___28788.invoke(jetty9_config.clj:300) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28963$maybe_get_https_connector__28964$fn__28965.invoke(jetty9_config.clj:399) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval28963$maybe_get_https_connector__28964.invoke(jetty9_config.clj:390) > ~[na:na] > at > puppetlabs.trapperkeeper.services.webserver.jetty9_config$eval29004$maybe_add_https_connector__29005$fn__29006.invoke(jetty9_config.clj > > > Thanks > > Dan > > On Friday, 9 October 2015 01:18:08 UTC+1, Wyatt Alt wrote: >> >> Hey Dan, >> >> I see the bottom of a java stacktrace in your log snippet there -- could >> you get the full stacktrace from journalctl and stick it in a gist? >> >> Wyatt > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/03974e18-839d-4aab-bddc-f4c42a9928c7%40googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAE4bNTmdD6eUKrD34-4dP16ybhuZLO0Qw2d8NUBeut5MMb3jVA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
