Looks like your master's host name isn't included on the certificate. Are you able to run the agent using puppet agent -t --server puppet ?
You can also see what host names are returned by the master's cert using openssl. openssl s_client -connect puppet:8140 This should show you the entire certificate chain. For example: openssl s_client -connect puppet:8140 > CONNECTED(00000003) > depth=0 CN = puppetmaster.example.com > verify error:num=20:unable to get local issuer certificate > verify return:1 > depth=0 CN = puppetmaster.example.com > verify error:num=21:unable to verify the first certificate > verify return:1 > --- > Certificate chain > 0 s:/CN=puppetmaster.example.com > i:/CN=Puppet CA: puppet-f20.example.com > > On Friday, October 21, 2016 at 8:27:17 AM UTC-4, [email protected] wrote: > > Hi All, > > I have puppet open source installed on RHEL server and puppet agent on > windows server 2012. Setup was done and was working fine, but after > rebooting the puppet server, command puppet agent -t is throwing an error > *'Failed > to generate additional resources using 'eval_generate': Server hostname > '<Puppet Master Hostname>' did* > > *not match server certificate; expected one of localhost.localdomain, > DNS:puppet, DNS:localhost.localdomain'. *Can anyone help me understand > this issue, or help me get it resolved permanently? > > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/70dbd2fe-7060-406d-9626-394185d2b336%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
