Looks like your master's host name isn't included on the certificate. Are you able to run the agent using puppet agent -t --server puppet ?
You can also see what host names are returned by the master's cert using openssl. openssl s_client -connect puppet:8140 This should show you the entire certificate chain. For example: openssl s_client -connect puppet:8140 > CONNECTED(00000003) > depth=0 CN = puppetmaster.example.com > verify error:num=20:unable to get local issuer certificate > verify return:1 > depth=0 CN = puppetmaster.example.com > verify error:num=21:unable to verify the first certificate > verify return:1 > --- > Certificate chain > 0 s:/CN=puppetmaster.example.com > i:/CN=Puppet CA: puppet-f20.example.com > > On Friday, October 21, 2016 at 8:27:17 AM UTC-4, rakshath...@yahoo.in wrote: > > Hi All, > > I have puppet open source installed on RHEL server and puppet agent on > windows server 2012. Setup was done and was working fine, but after > rebooting the puppet server, command puppet agent -t is throwing an error > *'Failed > to generate additional resources using 'eval_generate': Server hostname > '<Puppet Master Hostname>' did* > > *not match server certificate; expected one of localhost.localdomain, > DNS:puppet, DNS:localhost.localdomain'. *Can anyone help me understand > this issue, or help me get it resolved permanently? > > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/70dbd2fe-7060-406d-9626-394185d2b336%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
