I brought the puppetdb module and dependencies over to our development network and tried using it. All goes well until it tries to connect:
Notice: Unable to connect to puppetdb server (https://puppet.internal.net:8081): SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppet.internal.net] Notice: Failed to connect to puppetdb; sleeping 2 seconds before retry And this just loops. Does this point to a problem with puppetserver or puppetdb? On Wednesday, June 15, 2016 at 10:20:07 AM UTC-4, Bret Wortman wrote: > > I've installed postgresql and it's working with razor just fine. I > followed the puppetdb setup instructions for installing it from packages > and all looks good *except* that when puppetserver tries to connect to > it, the logs show a variety of java stack traces where the root cause > appears to be the above message. > > The puppetdb and puppetserver (and razor) are all running on the same > host, called "puppet". I can telnet to puppet port 8081 and something looks > like it answers. I don't get bounced from the port immediately, anyway. > When I browse to it, I get a certificate error in chrome, "...the > authenticity of the received data could not be verified." > > And, of course, my clients all fail: > > : > Info: Loading facts > Error: Could not retrieve catalog from remote server: Error 400 on SERVER: > Failed to execute > '/pdb/cmd/v1?checksum=7afbbb51c169c25ffede98f9bde4d456615392e7' on any of > the following 'server_urls': https://puppet.internal.net:8081 > Warning: Not using cache on failed catalog > Error: Could not retrieve catalog; skipping run > > On the server: > > # cat /etc/puppetlabs/puppetdb.conf > [main] > server_urls=https://puppet.internal.net:8081 > > [database] > classname=org.postgresql.Driver > subprotocol=postgresql > subname=//puppet.internal.net:5432/puppetdb > username=[username] > password=[password] > # cat puppet.conf > [master] > : > storeconfigs = true > storeconfigs_backend = puppetdb > > [agent] > classfile = $vardir/classes.txt > localconfig = $vardir/localconfig > reports = puppetdb > pluginsync = true > http_keepalive_timeout = 30 > # ls /etc/puppetlabs/puppetdb/ssl > ca.pem private.pem public.pem > # lsof -i:8081 > COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME > java 5151 puppetdb 33u IPv6 887988 0t0 TCP > puppet.internal.net:tproxy (LISTEN) > # netstat -a | grep 8081 > # netstat -a | grep 8080 > # > > Those last two have me confused, but I'm not sure they're indicative of a > problem. Anyone seen this before or have any idea where to look next? > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/ce6ff671-329c-400f-acf2-09333a83f489%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
