Re: [Puppet Users] puppetserver error "Service ':CaService' not found" when following puppet install guide

[Jeremy Barlow]

On Friday, September 9, 2016 at 7:25:48 AM UTC-7, Daniel Creed wrote:
>
> I have the same error, but even with the ca.cfg file. 
>
>
Assuming you are using Puppet Server 2.5.0 or 2.6.0, you might check to see 
that the "BOOTSTRAP_CONFIG" variable in your "/etc/sysconfig/puppetserver" 
or "/etc/default/puppetserver" file is set, as would be the default for a 
new package install, to:

BOOTSTRAP_CONFIG="/etc/puppetlabs/puppetserver/services.d/,/opt/puppetlabs/server/apps/puppetserver/services.d"


The "/etc/puppetlabs/puppetserver/services.d/" directory will only be 
inspected for ".cfg" files if included in the value for the 
"BOOTSTRAP_CONFIG" variable.

If this doesn't help you overcome the error, you might respond back with 
the contents of the "ca.cfg" file and confirm which version of Puppet 
Server you are using.
 

>
> On Sunday, August 28, 2016 at 7:36:45 PM UTC-5, Alex Xu wrote:
>>
>> Hey Matthaus, 
>>
>> Thanks for the help. The problem is indeed missing ca.cfg. After I add a 
>> ca.cfg file in the link you provided, the issue is gone. Really appreciated!
>>
>> Thanks,
>> AX
>>
>>
>> On Saturday, August 27, 2016 at 12:45:33 AM UTC+8, Matthaus Litteken 
>> wrote:
>>>
>>> AX,
>>>
>>> In puppetserver 2.5.0 some changes went in with respect our 
>>> bootstrap.cfg config file. This change shouldn't affect fresh installs. It 
>>> looks as though you are 
>>> missing /etc/puppetlabs/puppetserver/services.d/ca.cfg, which adds the 
>>> CaService. ca.cfg should look like the following for a puppet-server 
>>> install that will also be a CA: 
>>> https://github.com/puppetlabs/puppetserver/blob/2.5.0/ezbake/config/services.d/ca.cfg
>>>
>>> Also, for more details with respect to the bootstrap.cfg changes in 
>>> 2.5.0, here are the docs:
>>> - 
>>> https://docs.puppet.com/puppetserver/2.5/release_notes.html#potential-breaking-issues-when-upgrading-with-a-modified-bootstrapcfg
>>> - https://docs.puppet.com/puppetserver/2.5/bootstrap_upgrade_notes.html
>>>
>>> Hope that helps,
>>> Matthaus
>>>
>>> On Fri, Aug 26, 2016 at 5:45 AM, Alex Xu  wrote:
>>>
 Hi all, 

 I was following puppet install guide for puppet 4.6 puppetserver 2.5. 
 After I installed puppetserver and puppet-agent 
 from puppetlabs-release-pc1-trusty.deb in a new Ubuntu 14.04 box. 

 When I try running "puppet resource service puppetserver 
 ensure=running", I got following error 
 in /var/log/puppetlabs/puppetserver/puppetserver-daemon.log. 

 Searched on google and there is nothing about CaService. Really 
 appreciate any thoughts on this.

 Thanks,
 AX


 20:20:10.470 [main] DEBUG puppetlabs.trapperkeeper.bootstrap - Loading 
 bootstrap configs:
 /opt/puppetlabs/server/apps/puppetserver/config/services.d/bootstrap.cfg
 20:20:12.653 [main] DEBUG org.eclipse.jetty.util.log - Logging to 
 Logger[org.eclipse.jetty.util.log] via org.eclipse.jetty.util.log.Slf4jLog
 20:20:12.658 [main] INFO  org.eclipse.jetty.util.log - Logging 
 initialized @14082ms
 20:20:12.942 [main] INFO  p.t.services.webserver.jetty9-core - Removing 
 buggy security provider SunPKCS11-NSS version 1.7
 20:20:17.010 [main] DEBUG puppetlabs.trapperkeeper.internal - 
 Initializing lifecycle worker loop.
 20:20:17.096 [main] ERROR puppetlabs.trapperkeeper.internal - Error 
 during app buildup!
 java.lang.RuntimeException: Service ':CaService' not found
  at 
 puppetlabs.trapperkeeper.internal$handle_prismatic_exception_BANG_.invoke(internal.clj:98)
  
 ~[na:na]
  at 
 puppetlabs.trapperkeeper.internal$instantiate$fn__13793.invoke(internal.clj:139)
  
 ~[na:na]
  at 
 puppetlabs.trapperkeeper.internal$instantiate.invoke(internal.clj:136) 
 ~[na:na]
  at 
 puppetlabs.trapperkeeper.internal$eval14328$build_app_STAR___14337$fn__14338.invoke(internal.clj:542)
  
 ~[na:na]
  at 
 puppetlabs.trapperkeeper.internal$eval14328$build_app_STAR___14337.invoke(internal.clj:510)
  
 ~[na:na]
  at 
 puppetlabs.trapperkeeper.internal$eval14430$boot_services_STAR___14439$fn__14440$fn__14441.invoke(internal.clj:610)
  
 ~[na:na]
  at 
 puppetlabs.trapperkeeper.internal$eval14430$boot_services_STAR___14439$fn__14440.invoke(internal.clj:609)
  
 [na:na]
  at 
 puppetlabs.trapperkeeper.internal$eval14430$boot_services_STAR___14439.invoke(internal.clj:604)
  
 [na:na]
  at 
 puppetlabs.trapperkeeper.core$eval15252$boot_with_cli_data__15259$fn__15260.invoke(core.clj:130)
  
 [na:na]
  at 
 puppetlabs.trapperkeeper.core$eval15252$boot_with_cli_data__15259.invoke(core.clj:95)
  
 [na:na]
  at 
 puppetlabs.trapperkeeper.core$eval15281$run__15286$fn__15287.invoke(core.clj:151)
  
 [na:na]
  at 
 puppetlabs.trapperkeeper.core$eval15281$run__15286.invoke(core.clj:145) 
 [na:na]
  at 

Re: [Puppet Users] puppetserver error "Service ':CaService' not found" when following puppet install guide

[Daniel Creed]

I have the same error, but even with the ca.cfg file. 



On Sunday, August 28, 2016 at 7:36:45 PM UTC-5, Alex Xu wrote:
>
> Hey Matthaus, 
>
> Thanks for the help. The problem is indeed missing ca.cfg. After I add a 
> ca.cfg file in the link you provided, the issue is gone. Really appreciated!
>
> Thanks,
> AX
>
>
> On Saturday, August 27, 2016 at 12:45:33 AM UTC+8, Matthaus Litteken wrote:
>>
>> AX,
>>
>> In puppetserver 2.5.0 some changes went in with respect our bootstrap.cfg 
>> config file. This change shouldn't affect fresh installs. It looks as 
>> though you are missing /etc/puppetlabs/puppetserver/services.d/ca.cfg, 
>> which adds the CaService. ca.cfg should look like the following for a 
>> puppet-server install that will also be a CA: 
>> https://github.com/puppetlabs/puppetserver/blob/2.5.0/ezbake/config/services.d/ca.cfg
>>
>> Also, for more details with respect to the bootstrap.cfg changes in 
>> 2.5.0, here are the docs:
>> - 
>> https://docs.puppet.com/puppetserver/2.5/release_notes.html#potential-breaking-issues-when-upgrading-with-a-modified-bootstrapcfg
>> - https://docs.puppet.com/puppetserver/2.5/bootstrap_upgrade_notes.html
>>
>> Hope that helps,
>> Matthaus
>>
>> On Fri, Aug 26, 2016 at 5:45 AM, Alex Xu  wrote:
>>
>>> Hi all, 
>>>
>>> I was following puppet install guide for puppet 4.6 puppetserver 2.5. 
>>> After I installed puppetserver and puppet-agent 
>>> from puppetlabs-release-pc1-trusty.deb in a new Ubuntu 14.04 box. 
>>>
>>> When I try running "puppet resource service puppetserver 
>>> ensure=running", I got following error 
>>> in /var/log/puppetlabs/puppetserver/puppetserver-daemon.log. 
>>>
>>> Searched on google and there is nothing about CaService. Really 
>>> appreciate any thoughts on this.
>>>
>>> Thanks,
>>> AX
>>>
>>>
>>> 20:20:10.470 [main] DEBUG puppetlabs.trapperkeeper.bootstrap - Loading 
>>> bootstrap configs:
>>> /opt/puppetlabs/server/apps/puppetserver/config/services.d/bootstrap.cfg
>>> 20:20:12.653 [main] DEBUG org.eclipse.jetty.util.log - Logging to 
>>> Logger[org.eclipse.jetty.util.log] via org.eclipse.jetty.util.log.Slf4jLog
>>> 20:20:12.658 [main] INFO  org.eclipse.jetty.util.log - Logging 
>>> initialized @14082ms
>>> 20:20:12.942 [main] INFO  p.t.services.webserver.jetty9-core - Removing 
>>> buggy security provider SunPKCS11-NSS version 1.7
>>> 20:20:17.010 [main] DEBUG puppetlabs.trapperkeeper.internal - 
>>> Initializing lifecycle worker loop.
>>> 20:20:17.096 [main] ERROR puppetlabs.trapperkeeper.internal - Error 
>>> during app buildup!
>>> java.lang.RuntimeException: Service ':CaService' not found
>>>  at 
>>> puppetlabs.trapperkeeper.internal$handle_prismatic_exception_BANG_.invoke(internal.clj:98)
>>>  
>>> ~[na:na]
>>>  at 
>>> puppetlabs.trapperkeeper.internal$instantiate$fn__13793.invoke(internal.clj:139)
>>>  
>>> ~[na:na]
>>>  at 
>>> puppetlabs.trapperkeeper.internal$instantiate.invoke(internal.clj:136) 
>>> ~[na:na]
>>>  at 
>>> puppetlabs.trapperkeeper.internal$eval14328$build_app_STAR___14337$fn__14338.invoke(internal.clj:542)
>>>  
>>> ~[na:na]
>>>  at 
>>> puppetlabs.trapperkeeper.internal$eval14328$build_app_STAR___14337.invoke(internal.clj:510)
>>>  
>>> ~[na:na]
>>>  at 
>>> puppetlabs.trapperkeeper.internal$eval14430$boot_services_STAR___14439$fn__14440$fn__14441.invoke(internal.clj:610)
>>>  
>>> ~[na:na]
>>>  at 
>>> puppetlabs.trapperkeeper.internal$eval14430$boot_services_STAR___14439$fn__14440.invoke(internal.clj:609)
>>>  
>>> [na:na]
>>>  at 
>>> puppetlabs.trapperkeeper.internal$eval14430$boot_services_STAR___14439.invoke(internal.clj:604)
>>>  
>>> [na:na]
>>>  at 
>>> puppetlabs.trapperkeeper.core$eval15252$boot_with_cli_data__15259$fn__15260.invoke(core.clj:130)
>>>  
>>> [na:na]
>>>  at 
>>> puppetlabs.trapperkeeper.core$eval15252$boot_with_cli_data__15259.invoke(core.clj:95)
>>>  
>>> [na:na]
>>>  at 
>>> puppetlabs.trapperkeeper.core$eval15281$run__15286$fn__15287.invoke(core.clj:151)
>>>  
>>> [na:na]
>>>  at 
>>> puppetlabs.trapperkeeper.core$eval15281$run__15286.invoke(core.clj:145) 
>>> [na:na]
>>>  at puppetlabs.trapperkeeper.core$main.doInvoke(core.clj:173) [na:na]
>>>  at clojure.lang.RestFn.invoke(RestFn.java:457) 
>>> [puppet-server-release.jar:na]
>>>  at clojure.lang.Var.invoke(Var.java:394) [puppet-server-release.jar:na]
>>>  at clojure.lang.AFn.applyToHelper(AFn.java:165) 
>>> [puppet-server-release.jar:na]
>>>  at clojure.lang.Var.applyTo(Var.java:700) [puppet-server-release.jar:na]
>>>  at clojure.core$apply.invoke(core.clj:630) 
>>> [puppet-server-release.jar:na]
>>>  at puppetlabs.trapperkeeper.main$_main.doInvoke(main.clj:7) 
>>> [puppet-server-release.jar:na]
>>>  at clojure.lang.RestFn.invoke(RestFn.java:457) 
>>> [puppet-server-release.jar:na]
>>>  at clojure.lang.Var.invoke(Var.java:394) [puppet-server-release.jar:na]
>>>  at clojure.lang.AFn.applyToHelper(AFn.java:165) 
>>> [puppet-server-release.jar:na]
>>>  at clojure.lang.Var.applyTo(Var.java:700) 

Re: [Puppet Users] puppetserver error "Service ':CaService' not found" when following puppet install guide

[Alex Xu]

Hey Matthaus, 

Thanks for the help. The problem is indeed missing ca.cfg. After I add a 
ca.cfg file in the link you provided, the issue is gone. Really appreciated!

Thanks,
AX


On Saturday, August 27, 2016 at 12:45:33 AM UTC+8, Matthaus Litteken wrote:
>
> AX,
>
> In puppetserver 2.5.0 some changes went in with respect our bootstrap.cfg 
> config file. This change shouldn't affect fresh installs. It looks as 
> though you are missing /etc/puppetlabs/puppetserver/services.d/ca.cfg, 
> which adds the CaService. ca.cfg should look like the following for a 
> puppet-server install that will also be a CA: 
> https://github.com/puppetlabs/puppetserver/blob/2.5.0/ezbake/config/services.d/ca.cfg
>
> Also, for more details with respect to the bootstrap.cfg changes in 2.5.0, 
> here are the docs:
> - 
> https://docs.puppet.com/puppetserver/2.5/release_notes.html#potential-breaking-issues-when-upgrading-with-a-modified-bootstrapcfg
> - https://docs.puppet.com/puppetserver/2.5/bootstrap_upgrade_notes.html
>
> Hope that helps,
> Matthaus
>
> On Fri, Aug 26, 2016 at 5:45 AM, Alex Xu  > wrote:
>
>> Hi all, 
>>
>> I was following puppet install guide for puppet 4.6 puppetserver 2.5. 
>> After I installed puppetserver and puppet-agent 
>> from puppetlabs-release-pc1-trusty.deb in a new Ubuntu 14.04 box. 
>>
>> When I try running "puppet resource service puppetserver ensure=running", 
>> I got following error 
>> in /var/log/puppetlabs/puppetserver/puppetserver-daemon.log. 
>>
>> Searched on google and there is nothing about CaService. Really 
>> appreciate any thoughts on this.
>>
>> Thanks,
>> AX
>>
>>
>> 20:20:10.470 [main] DEBUG puppetlabs.trapperkeeper.bootstrap - Loading 
>> bootstrap configs:
>> /opt/puppetlabs/server/apps/puppetserver/config/services.d/bootstrap.cfg
>> 20:20:12.653 [main] DEBUG org.eclipse.jetty.util.log - Logging to 
>> Logger[org.eclipse.jetty.util.log] via org.eclipse.jetty.util.log.Slf4jLog
>> 20:20:12.658 [main] INFO  org.eclipse.jetty.util.log - Logging 
>> initialized @14082ms
>> 20:20:12.942 [main] INFO  p.t.services.webserver.jetty9-core - Removing 
>> buggy security provider SunPKCS11-NSS version 1.7
>> 20:20:17.010 [main] DEBUG puppetlabs.trapperkeeper.internal - 
>> Initializing lifecycle worker loop.
>> 20:20:17.096 [main] ERROR puppetlabs.trapperkeeper.internal - Error 
>> during app buildup!
>> java.lang.RuntimeException: Service ':CaService' not found
>>  at 
>> puppetlabs.trapperkeeper.internal$handle_prismatic_exception_BANG_.invoke(internal.clj:98)
>>  
>> ~[na:na]
>>  at 
>> puppetlabs.trapperkeeper.internal$instantiate$fn__13793.invoke(internal.clj:139)
>>  
>> ~[na:na]
>>  at 
>> puppetlabs.trapperkeeper.internal$instantiate.invoke(internal.clj:136) 
>> ~[na:na]
>>  at 
>> puppetlabs.trapperkeeper.internal$eval14328$build_app_STAR___14337$fn__14338.invoke(internal.clj:542)
>>  
>> ~[na:na]
>>  at 
>> puppetlabs.trapperkeeper.internal$eval14328$build_app_STAR___14337.invoke(internal.clj:510)
>>  
>> ~[na:na]
>>  at 
>> puppetlabs.trapperkeeper.internal$eval14430$boot_services_STAR___14439$fn__14440$fn__14441.invoke(internal.clj:610)
>>  
>> ~[na:na]
>>  at 
>> puppetlabs.trapperkeeper.internal$eval14430$boot_services_STAR___14439$fn__14440.invoke(internal.clj:609)
>>  
>> [na:na]
>>  at 
>> puppetlabs.trapperkeeper.internal$eval14430$boot_services_STAR___14439.invoke(internal.clj:604)
>>  
>> [na:na]
>>  at 
>> puppetlabs.trapperkeeper.core$eval15252$boot_with_cli_data__15259$fn__15260.invoke(core.clj:130)
>>  
>> [na:na]
>>  at 
>> puppetlabs.trapperkeeper.core$eval15252$boot_with_cli_data__15259.invoke(core.clj:95)
>>  
>> [na:na]
>>  at 
>> puppetlabs.trapperkeeper.core$eval15281$run__15286$fn__15287.invoke(core.clj:151)
>>  
>> [na:na]
>>  at 
>> puppetlabs.trapperkeeper.core$eval15281$run__15286.invoke(core.clj:145) 
>> [na:na]
>>  at puppetlabs.trapperkeeper.core$main.doInvoke(core.clj:173) [na:na]
>>  at clojure.lang.RestFn.invoke(RestFn.java:457) 
>> [puppet-server-release.jar:na]
>>  at clojure.lang.Var.invoke(Var.java:394) [puppet-server-release.jar:na]
>>  at clojure.lang.AFn.applyToHelper(AFn.java:165) 
>> [puppet-server-release.jar:na]
>>  at clojure.lang.Var.applyTo(Var.java:700) [puppet-server-release.jar:na]
>>  at clojure.core$apply.invoke(core.clj:630) [puppet-server-release.jar:na]
>>  at puppetlabs.trapperkeeper.main$_main.doInvoke(main.clj:7) 
>> [puppet-server-release.jar:na]
>>  at clojure.lang.RestFn.invoke(RestFn.java:457) 
>> [puppet-server-release.jar:na]
>>  at clojure.lang.Var.invoke(Var.java:394) [puppet-server-release.jar:na]
>>  at clojure.lang.AFn.applyToHelper(AFn.java:165) 
>> [puppet-server-release.jar:na]
>>  at clojure.lang.Var.applyTo(Var.java:700) [puppet-server-release.jar:na]
>>  at clojure.core$apply.invoke(core.clj:630) [puppet-server-release.jar:na]
>>  at clojure.main$main_opt.invoke(main.clj:316) 
>> [puppet-server-release.jar:na]
>>  at clojure.main$main.doInvoke(main.clj:421) 
>> 

Re: [Puppet Users] puppetserver error "Service ':CaService' not found" when following puppet install guide

[Matthaus Owens]

AX,

In puppetserver 2.5.0 some changes went in with respect our bootstrap.cfg
config file. This change shouldn't affect fresh installs. It looks as
though you are missing /etc/puppetlabs/puppetserver/services.d/ca.cfg,
which adds the CaService. ca.cfg should look like the following for a
puppet-server install that will also be a CA:
https://github.com/puppetlabs/puppetserver/blob/2.5.0/ezbake/config/services.d/ca.cfg

Also, for more details with respect to the bootstrap.cfg changes in 2.5.0,
here are the docs:
-
https://docs.puppet.com/puppetserver/2.5/release_notes.html#potential-breaking-issues-when-upgrading-with-a-modified-bootstrapcfg
- https://docs.puppet.com/puppetserver/2.5/bootstrap_upgrade_notes.html

Hope that helps,
Matthaus

On Fri, Aug 26, 2016 at 5:45 AM, Alex Xu  wrote:

> Hi all,
>
> I was following puppet install guide for puppet 4.6 puppetserver 2.5.
> After I installed puppetserver and puppet-agent from 
> puppetlabs-release-pc1-trusty.deb
> in a new Ubuntu 14.04 box.
>
> When I try running "puppet resource service puppetserver ensure=running",
> I got following error in /var/log/puppetlabs/puppetserver/puppetserver-
> daemon.log.
>
> Searched on google and there is nothing about CaService. Really appreciate
> any thoughts on this.
>
> Thanks,
> AX
>
>
> 20:20:10.470 [main] DEBUG puppetlabs.trapperkeeper.bootstrap - Loading
> bootstrap configs:
> /opt/puppetlabs/server/apps/puppetserver/config/services.d/bootstrap.cfg
> 20:20:12.653 [main] DEBUG org.eclipse.jetty.util.log - Logging to
> Logger[org.eclipse.jetty.util.log] via org.eclipse.jetty.util.log.Slf4jLog
> 20:20:12.658 [main] INFO  org.eclipse.jetty.util.log - Logging initialized
> @14082ms
> 20:20:12.942 [main] INFO  p.t.services.webserver.jetty9-core - Removing
> buggy security provider SunPKCS11-NSS version 1.7
> 20:20:17.010 [main] DEBUG puppetlabs.trapperkeeper.internal -
> Initializing lifecycle worker loop.
> 20:20:17.096 [main] ERROR puppetlabs.trapperkeeper.internal - Error
> during app buildup!
> java.lang.RuntimeException: Service ':CaService' not found
>  at puppetlabs.trapperkeeper.internal$handle_prismatic_
> exception_BANG_.invoke(internal.clj:98) ~[na:na]
>  at 
> puppetlabs.trapperkeeper.internal$instantiate$fn__13793.invoke(internal.clj:139)
> ~[na:na]
>  at puppetlabs.trapperkeeper.internal$instantiate.invoke(internal.clj:136)
> ~[na:na]
>  at puppetlabs.trapperkeeper.internal$eval14328$build_app_
> STAR___14337$fn__14338.invoke(internal.clj:542) ~[na:na]
>  at puppetlabs.trapperkeeper.internal$eval14328$build_app_
> STAR___14337.invoke(internal.clj:510) ~[na:na]
>  at puppetlabs.trapperkeeper.internal$eval14430$boot_
> services_STAR___14439$fn__14440$fn__14441.invoke(internal.clj:610)
> ~[na:na]
>  at puppetlabs.trapperkeeper.internal$eval14430$boot_
> services_STAR___14439$fn__14440.invoke(internal.clj:609) [na:na]
>  at puppetlabs.trapperkeeper.internal$eval14430$boot_
> services_STAR___14439.invoke(internal.clj:604) [na:na]
>  at puppetlabs.trapperkeeper.core$eval15252$boot_with_cli_data__
> 15259$fn__15260.invoke(core.clj:130) [na:na]
>  at 
> puppetlabs.trapperkeeper.core$eval15252$boot_with_cli_data__15259.invoke(core.clj:95)
> [na:na]
>  at 
> puppetlabs.trapperkeeper.core$eval15281$run__15286$fn__15287.invoke(core.clj:151)
> [na:na]
>  at puppetlabs.trapperkeeper.core$eval15281$run__15286.invoke(core.clj:145)
> [na:na]
>  at puppetlabs.trapperkeeper.core$main.doInvoke(core.clj:173) [na:na]
>  at clojure.lang.RestFn.invoke(RestFn.java:457)
> [puppet-server-release.jar:na]
>  at clojure.lang.Var.invoke(Var.java:394) [puppet-server-release.jar:na]
>  at clojure.lang.AFn.applyToHelper(AFn.java:165)
> [puppet-server-release.jar:na]
>  at clojure.lang.Var.applyTo(Var.java:700) [puppet-server-release.jar:na]
>  at clojure.core$apply.invoke(core.clj:630) [puppet-server-release.jar:na]
>  at puppetlabs.trapperkeeper.main$_main.doInvoke(main.clj:7)
> [puppet-server-release.jar:na]
>  at clojure.lang.RestFn.invoke(RestFn.java:457)
> [puppet-server-release.jar:na]
>  at clojure.lang.Var.invoke(Var.java:394) [puppet-server-release.jar:na]
>  at clojure.lang.AFn.applyToHelper(AFn.java:165)
> [puppet-server-release.jar:na]
>  at clojure.lang.Var.applyTo(Var.java:700) [puppet-server-release.jar:na]
>  at clojure.core$apply.invoke(core.clj:630) [puppet-server-release.jar:na]
>  at clojure.main$main_opt.invoke(main.clj:316)
> [puppet-server-release.jar:na]
>  at clojure.main$main.doInvoke(main.clj:421)
> [puppet-server-release.jar:na]
>  at clojure.lang.RestFn.invoke(RestFn.java:512)
> [puppet-server-release.jar:na]
>  at clojure.lang.Var.invoke(Var.java:409) [puppet-server-release.jar:na]
>  at clojure.lang.AFn.applyToHelper(AFn.java:178)
> [puppet-server-release.jar:na]
>  at clojure.lang.Var.applyTo(Var.java:700) [puppet-server-release.jar:na]
>  at clojure.main.main(main.java:37) [puppet-server-release.jar:na]
> 20:20:17.098 [main] DEBUG puppetlabs.trapperkeeper.core - Finished TK main
> 

Re: [Puppet Users] puppetserver error: no such file to load -- pg on node puppetmaster1

[Martin Alfke]

On 20 Sep 2015, at 18:00, Martin Alfke  wrote:

> 
> On 19 Sep 2015, at 21:14, rhpuppetu...@gmail.com wrote:
> 
>> Thanks Martin for replying. By the way, i'm following your seminars on 
>> youtube and they are very helpful. The error still persists.
>> 
>> I've tried this earlier but command failed with the following error. 
>> # puppetserver gem install pg --no-ri --no-rdoc
>> Building native extensions. This could take a while...
>> ERROR:  Error installing pg:
>>ERROR: Failed to build gem native extension.
>> 
>>  java -jar /usr/share/puppetserver/puppet-server-release.jar -r 
>> ./siteconf20150919-17955-hjabmk.rb extconf.rb
>> 
>> Error(s) occured while parsing command-line arguments: Unknown option: "-r"
>> 
>> <--- some options >
>> 
>> extconf failed, uncaught signal 1
>> 
>> <--- some output 2 lines —>
> 
> Seems to be a bug.
> I can reproduce this error on Debian 7 with puppetserver 2.1.1
> 
> I have opened a ticket at PuppetLabs: 
> https://tickets.puppetlabs.com/browse/SERVER-905

I love PuppetLabs guys for their fast feedback and detailed descriptions:
Quoting Chris:
"I think this is probably expected behavior; Puppet Server runs JRuby, and 
JRuby doesn't support gems with native extensions. For most of the common gems 
that fall into this category, there is a suitable alternative that does work 
with JRuby. You can find general docs on this subject on the JRuby wiki, here:
https://github.com/jruby/jruby/wiki/C-Extension-Alternatives
It looks like, for pg, they're recommending the 
activerecord-jdbcpostgresql-adapter instead. Maybe that will be sufficient for 
your use case?"

In your case: puppetserver works as expected.
I will close the ticket with PL.

> 
>> 
>> =
>> 
>> 
>> On Friday, September 18, 2015 at 1:51:44 AM UTC-5, Martin Alfke wrote:
>> 
>> On 18 Sep 2015, at 04:08, rhpupp...@gmail.com wrote: 
>> 
>>> Our puppet master used to run using apache passenger stack. We've recently 
>>> migrated from passenger to puppetserver. When i run puppet agent -vt on my 
>>> client, its showing the following error. 
>>> 
>>> Error 400 on server : could not autoload 
>>> puppet/parser/functions/get_location: no such file to load -- pg on node 
>>> puppetmaster1 
>>> 
>>> puppet master --version : 3.7.5 
>>> ruby --version : 1.8.7 patch level 374-2 
>>> - 
>>> #cat puppet/parser/functions/get_location.rb 
>>> require 'rubygems' 
>>> require 'pg' 
>>> require ‘resolv' 
>> 
>> It seems as if you are missing the pg ruby gem within puppet server: 
>> sudo puppetserver gem install pg --no-ri --no-rdoc 
>> see: 
>> https://github.com/puppetlabs/puppet-server/blob/master/documentation/gems.markdown
>>  
>> 
>> Best, 
>> Martin 
>> 
>>> 
>>> module Puppet::Parser::Funtions 
>>> 
>>> xx 
>>> - 
>>> 
>>> I would appreciate if someone help me fixing this issue. 
>>> 
>>> 
>>> -- 
>>> You received this message because you are subscribed to the Google Groups 
>>> "Puppet Users" group. 
>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>> email to puppet-users...@googlegroups.com. 
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/puppet-users/e86265cf-cf4b-4b92-9657-64d5137adf59%40googlegroups.com.
>>>  
>>> For more options, visit https://groups.google.com/d/optout. 
>> 
>> 
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/bba04c2b-a309-4219-8a40-d381a7554be7%40googlegroups.com.
>> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5B0F9E3D-E75B-42D2-9963-C8D9F2A59EB9%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] puppetserver error: no such file to load -- pg on node puppetmaster1

[Martin Alfke]

On 19 Sep 2015, at 21:14, rhpuppetu...@gmail.com wrote:

> Thanks Martin for replying. By the way, i'm following your seminars on 
> youtube and they are very helpful. The error still persists.
> 
> I've tried this earlier but command failed with the following error. 
> # puppetserver gem install pg --no-ri --no-rdoc
> Building native extensions. This could take a while...
> ERROR:  Error installing pg:
> ERROR: Failed to build gem native extension.
> 
>   java -jar /usr/share/puppetserver/puppet-server-release.jar -r 
> ./siteconf20150919-17955-hjabmk.rb extconf.rb
> 
> Error(s) occured while parsing command-line arguments: Unknown option: "-r"
> 
> <--- some options >
> 
> extconf failed, uncaught signal 1
> 
> <--- some output 2 lines —>

Seems to be a bug.
I can reproduce this error on Debian 7 with puppetserver 2.1.1

I have opened a ticket at PuppetLabs: 
https://tickets.puppetlabs.com/browse/SERVER-905

> 
> =
> 
> 
> On Friday, September 18, 2015 at 1:51:44 AM UTC-5, Martin Alfke wrote:
> 
> On 18 Sep 2015, at 04:08, rhpupp...@gmail.com wrote: 
> 
> > Our puppet master used to run using apache passenger stack. We've recently 
> > migrated from passenger to puppetserver. When i run puppet agent -vt on my 
> > client, its showing the following error. 
> > 
> > Error 400 on server : could not autoload 
> > puppet/parser/functions/get_location: no such file to load -- pg on node 
> > puppetmaster1 
> > 
> > puppet master --version : 3.7.5 
> > ruby --version : 1.8.7 patch level 374-2 
> > - 
> > #cat puppet/parser/functions/get_location.rb 
> > require 'rubygems' 
> > require 'pg' 
> > require ‘resolv' 
> 
> It seems as if you are missing the pg ruby gem within puppet server: 
> sudo puppetserver gem install pg --no-ri --no-rdoc 
> see: 
> https://github.com/puppetlabs/puppet-server/blob/master/documentation/gems.markdown
>  
> 
> Best, 
> Martin 
> 
> > 
> > module Puppet::Parser::Funtions 
> > 
> > xx 
> > - 
> > 
> > I would appreciate if someone help me fixing this issue. 
> > 
> > 
> > -- 
> > You received this message because you are subscribed to the Google Groups 
> > "Puppet Users" group. 
> > To unsubscribe from this group and stop receiving emails from it, send an 
> > email to puppet-users...@googlegroups.com. 
> > To view this discussion on the web visit 
> > https://groups.google.com/d/msgid/puppet-users/e86265cf-cf4b-4b92-9657-64d5137adf59%40googlegroups.com.
> >  
> > For more options, visit https://groups.google.com/d/optout. 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/bba04c2b-a309-4219-8a40-d381a7554be7%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/1E5042ED-BE05-4892-92BC-5DBF33B60BB4%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] puppetserver error: no such file to load -- pg on node puppetmaster1

[rhpuppetuser]

Thanks Martin for replying. By the way, i'm following your seminars on 
youtube and they are very helpful. The error still persists.

I've tried this earlier but command failed with the following error. 
# puppetserver gem install pg --no-ri --no-rdoc
Building native extensions. This could take a while...
ERROR:  Error installing pg:
ERROR: Failed to build gem native extension.

  java -jar /usr/share/puppetserver/puppet-server-release.jar 
-r ./siteconf20150919-17955-hjabmk.rb extconf.rb

Error(s) occured while parsing command-line arguments: Unknown option: "-r"

<--- some options >

extconf failed, uncaught signal 1

<--- some output 2 lines --->

=


On Friday, September 18, 2015 at 1:51:44 AM UTC-5, Martin Alfke wrote:
>
>
> On 18 Sep 2015, at 04:08, rhpupp...@gmail.com  wrote: 
>
> > Our puppet master used to run using apache passenger stack. We've 
> recently migrated from passenger to puppetserver. When i run puppet agent 
> -vt on my client, its showing the following error. 
> > 
> > Error 400 on server : could not autoload 
> puppet/parser/functions/get_location: no such file to load -- pg on node 
> puppetmaster1 
> > 
> > puppet master --version : 3.7.5 
> > ruby --version : 1.8.7 patch level 374-2 
> > - 
> > #cat puppet/parser/functions/get_location.rb 
> > require 'rubygems' 
> > require 'pg' 
> > require ‘resolv' 
>
> It seems as if you are missing the pg ruby gem within puppet server: 
> sudo puppetserver gem install pg --no-ri --no-rdoc 
> see: 
> https://github.com/puppetlabs/puppet-server/blob/master/documentation/gems.markdown
>  
>
> Best, 
> Martin 
>
> > 
> > module Puppet::Parser::Funtions 
> > 
> > xx 
> > - 
> > 
> > I would appreciate if someone help me fixing this issue. 
> > 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Puppet Users" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to puppet-users...@googlegroups.com . 
> > To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/e86265cf-cf4b-4b92-9657-64d5137adf59%40googlegroups.com.
>  
>
> > For more options, visit https://groups.google.com/d/optout. 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/bba04c2b-a309-4219-8a40-d381a7554be7%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] puppetserver error: no such file to load -- pg on node puppetmaster1

[Martin Alfke]

On 18 Sep 2015, at 04:08, rhpuppetu...@gmail.com wrote:

> Our puppet master used to run using apache passenger stack. We've recently 
> migrated from passenger to puppetserver. When i run puppet agent -vt on my 
> client, its showing the following error. 
> 
> Error 400 on server : could not autoload 
> puppet/parser/functions/get_location: no such file to load -- pg on node 
> puppetmaster1
> 
> puppet master --version : 3.7.5
> ruby --version : 1.8.7 patch level 374-2
> -
> #cat puppet/parser/functions/get_location.rb
> require 'rubygems'
> require 'pg'
> require ‘resolv'

It seems as if you are missing the pg ruby gem within puppet server:
sudo puppetserver gem install pg --no-ri --no-rdoc
see: 
https://github.com/puppetlabs/puppet-server/blob/master/documentation/gems.markdown

Best,
Martin

> 
> module Puppet::Parser::Funtions
> 
> xx
> -
> 
> I would appreciate if someone help me fixing this issue.
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/e86265cf-cf4b-4b92-9657-64d5137adf59%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/ED4DBBFB-AC4E-4845-9032-4334A50CB318%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppetserver error

[Mohammad Khan]

I have checked the time it is fine on both client and server, but still the
error is occurring.

On Fri, Dec 30, 2011 at 3:56 PM, Florian Koch 
florian.koch1...@googlemail.com wrote:

 Hi, Maybe a Time related Problem? Check the Time on both, Client and Server




 Am 30.12.2011 um 18:55 schrieb Mohammad Khan makhan...@gmail.com:

 I have done this already; however, client certificate verify failed is
 occurring now where I am stuck.

 On Fri, Dec 30, 2011 at 12:51 PM, Aaron Grewell 
 aaron.grew...@gmail.comwrote:

 You'll have to re-sign your node's cert using puppetca --sign hostname

 On Fri, Dec 30, 2011 at 9:28 AM, Mohammad Khan makhan...@gmail.com
 wrote:
  I removed ssldir from clients and ran the puppetca --clean from the
 server.
  It ran fine finally. Now I am stuck on where client complains that
  'certificate verify failed I dont know what to do now?
 
 
  On Fri, Dec 30, 2011 at 11:42 AM, Aaron Grewell 
 aaron.grew...@gmail.com
  wrote:
 
  Did you remove the ssldir on the server or the client?  Usually to
  completely reset the cert you run clean on the server, remove the
  contents of the ssldir on the client, then re-run puppet and it should
  rebuild the cert.  I wouldn't recommend removing the ssldir on the
  server except as a last resort, otherwise you'll have to rebuild all
  your client certs.
 
  If that's what you already did, make sure that your ssldir and its
  contents are owned by user  group puppet as well.
 
  On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan makhan...@gmail.com
  wrote:
   Do I need to make any changes to server or delete sl info on the
 server.
   I
   am still getting the certificate verify failed error on clients?
  
  
   On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan makhan...@gmail.com
   wrote:
  
   I was able to sign the certificate to the client but still I am
 getting
   this error now on the
   client:
  
   Client puppet-agent[15030]: Starting Puppet client version 2.6.12
   Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve
 catalog
   from remote server: certificate verify failed
   Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog
   Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve
 catalog;
   skipping run
  
  
  
  
   On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan makhan...@gmail.com
 
   wrote:
  
   I have gone little further nowwhat I have done is to delete the ssl
   folder from one of the client and ran this command on server:
 puppetca
   --clean clientname
   it has generated new certificate but in the end I get the same
 error:
  
   err: Could not call revoke: Cannot convert into OpenSSL::BN
   Further more when i restart the agent from the client now I get
 this
   message under server message log: client has a waiting certificate
   request
   Under my client message log:
   hostname  puppet-agent[13385]: Did not receive certificate
  
  
  
  
   On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan 
 makhan...@gmail.com
   wrote:
  
   I have tried to deleted the ssl folder under puppet. And then
 tried
   to
   clean the certificate from the server but did not work.
   #puppetca --clean hostname
   notice: Revoked certificate with serial # Inventory of signed
   certificates
   # SERIAL NOT_BEFORE NOT_AFTER SUBJECT
  
  
   err:  Could not call revoke: Cannot convert into OpenSSL::BN
  
  
  
   On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan 
 makhan...@gmail.com
   wrote:
  
   Thanks guys; I am getting closer but still some errors. I am
 getting
   these errors now.
Starting Puppet client version 2.6.12
   Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve
   catalog
   from remote server: Retrieved certificate does not match private
   key; please
   remove certificate from server and regenerate it with the current
   key
   Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog
   Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve
   catalog;
   skipping run
  
  
  
  
   On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz
   bernd.adamow...@esailors.de wrote:
  
   I'm pretty sure that, besides the other answers already
 provided,
   your
   main problem is the wrong user for your Puppet configuration. It
   should be
   user 'puppet' and not 'root'. That's how '/etc/puppet' should
 look
   like:
  
   drwxr-xr-x  5 puppet puppet 4.0K Dec 12 17:48 .
   drwxr-xr-x 79 root   root12K Dec 26 04:03 ..
   -rw-r--r--  1 puppet puppet 3.1K Dec 12 17:48 auth.conf
   drwxr-xr-x  6 puppet puppet 4.0K Dec 12 17:48 environments
   drwxr-xr-x  3 puppet puppet 4.0K Dec 12 17:48 manifests
   -rw-r--r--  1 puppet puppet  838 Dec 12 17:48 namespaceauth.conf
   -rw-r--r--  1 puppet puppet 1.8K Dec 12 17:48 puppet.conf
   drwxr-xr-x  6 puppet puppet 4.0K Dec 30 08:20 .svn
  
   So a command like 'chown -R puppet:puppet /etc/puppet' issued as
   'root' should solve your main problem which is the 'Permission
   denied' error
   as well as the non starting Puppet process.
 

Re: [Puppet Users] Puppetserver error

[Mohammad Khan]

I have tried to deleted the ssl folder under puppet. And then tried to
clean the certificate from the server but did not work.
#puppetca --clean hostname
notice: Revoked certificate with serial # Inventory of signed certificates
# SERIAL NOT_BEFORE NOT_AFTER SUBJECT


err:  Could not call revoke: Cannot convert into OpenSSL::BN


On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan makhan...@gmail.com wrote:

 Thanks guys; I am getting closer but still some errors. I am getting these
 errors now.
  Starting Puppet client version 2.6.12
 Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog
 from remote server: Retrieved certificate does not match private key;
 please remove certificate from server and regenerate it with the current key
 Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog
 Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog;
 skipping run




 On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz 
 bernd.adamow...@esailors.de wrote:

 I'm pretty sure that, besides the other answers already provided, your
 main problem is the wrong user for your Puppet configuration. It should be
 user 'puppet' and not 'root'. That's how '/etc/puppet' should look like:

 drwxr-xr-x  5 puppet puppet 4.0K Dec 12 17:48 .
 drwxr-xr-x 79 root   root12K Dec 26 04:03 ..
 -rw-r--r--  1 puppet puppet 3.1K Dec 12 17:48 auth.conf
 drwxr-xr-x  6 puppet puppet 4.0K Dec 12 17:48 environments
 drwxr-xr-x  3 puppet puppet 4.0K Dec 12 17:48 manifests
 -rw-r--r--  1 puppet puppet  838 Dec 12 17:48 namespaceauth.conf
 -rw-r--r--  1 puppet puppet 1.8K Dec 12 17:48 puppet.conf
 drwxr-xr-x  6 puppet puppet 4.0K Dec 30 08:20 .svn

 So a command like 'chown -R puppet:puppet /etc/puppet' issued as 'root'
 should solve your main problem which is the 'Permission denied' error as
 well as the non starting Puppet process.

 Bernd

  -Ursprüngliche Nachricht-
  Von: puppet-users@googlegroups.com [mailto:puppet-
  us...@googlegroups.com] Im Auftrag von Khan
  Gesendet: Donnerstag, 29. Dezember 2011 17:37
  An: Puppet Users
  Betreff: [Puppet Users] Puppetserver error
 
  Hello everyone,
  I am new to puppet. I have installed on redhat Enterprise 5and seems
  to be working fine. Couple days ago I was testing some permissions on /
  etc folder and applied 600 /etc and sub folders. Although I have
  reverted the permission but I am having issues on puppetmaster.
  Currently I have these permission on etc 755 and puppet folder:
  my /etc folder is 755 and puppet folder with tese permsions:
 
  -rw-r--r--  1 root root 2346 May  8  2010 auth.conf
  -rw-r--r--  1 root root  419 May 19  2010 fileserver.conf
  drwxr-xr-x  3 root root 4096 Dec 23 10:48 manifests
  drwxr-xr-x 21 root root 4096 Oct 22  2010 modules
  -rw-r--r--  1 root root  980 May 27  2010 puppet.conf
  -rw-r--r--  1 root root  855 May 17  2010 puppet.conf.rpmnew
 
  I am getting these error in the log:
 
  puppet-master[3519]: Could not parse for environment production:
  Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/
  puppet/manifests/site.pp:3 on node client1
 
  Dec 27 14:25:46 server puppet-master[3519]: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2
 
  Dec 27 14:27:15 server puppet-master[3519]: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3
 
  Dec 27 14:27:15 server  puppet-master[3519]: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4
 
  Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog
  from remote server: Error 400 on SERVER: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server
  Any Help will be greatly appreciated.
 
  --
  You received this message because you are subscribed to the Google
  Groups Puppet Users group.
  To post to this group, send email to puppet-users@googlegroups.com.
  To unsubscribe from this group, send email to puppet-
  users+unsubscr...@googlegroups.com.
  For more options, visit this group at
  http://groups.google.com/group/puppet-users?hl=en.

 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.




 --
 Regards,
 Mohammad




-- 
Regards,
Mohammad

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To 

Re: [Puppet Users] Puppetserver error

[Mohammad Khan]

I have gone little further nowwhat I have done is to delete the ssl folder
from one of the client and ran this command on server: puppetca --clean
clientname
it has generated new certificate but in the end I get the same error:
err: Could not call revoke: Cannot convert into OpenSSL::BN
Further more when i restart the agent from the client now I get this
message under server message log: client has a waiting certificate request
Under my client message log:
hostname  puppet-agent[13385]: Did not receive certificate



On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan makhan...@gmail.com wrote:

 I have tried to deleted the ssl folder under puppet. And then tried to
 clean the certificate from the server but did not work.
 #puppetca --clean hostname
 notice: Revoked certificate with serial # Inventory of signed certificates
 # SERIAL NOT_BEFORE NOT_AFTER SUBJECT


 err:  Could not call revoke: Cannot convert into OpenSSL::BN



 On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan makhan...@gmail.comwrote:

 Thanks guys; I am getting closer but still some errors. I am getting
 these errors now.
  Starting Puppet client version 2.6.12
 Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog
 from remote server: Retrieved certificate does not match private key;
 please remove certificate from server and regenerate it with the current key
 Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog
 Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog;
 skipping run




 On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz 
 bernd.adamow...@esailors.de wrote:

 I'm pretty sure that, besides the other answers already provided, your
 main problem is the wrong user for your Puppet configuration. It should be
 user 'puppet' and not 'root'. That's how '/etc/puppet' should look like:

 drwxr-xr-x  5 puppet puppet 4.0K Dec 12 17:48 .
 drwxr-xr-x 79 root   root12K Dec 26 04:03 ..
 -rw-r--r--  1 puppet puppet 3.1K Dec 12 17:48 auth.conf
 drwxr-xr-x  6 puppet puppet 4.0K Dec 12 17:48 environments
 drwxr-xr-x  3 puppet puppet 4.0K Dec 12 17:48 manifests
 -rw-r--r--  1 puppet puppet  838 Dec 12 17:48 namespaceauth.conf
 -rw-r--r--  1 puppet puppet 1.8K Dec 12 17:48 puppet.conf
 drwxr-xr-x  6 puppet puppet 4.0K Dec 30 08:20 .svn

 So a command like 'chown -R puppet:puppet /etc/puppet' issued as 'root'
 should solve your main problem which is the 'Permission denied' error as
 well as the non starting Puppet process.

 Bernd

  -Ursprüngliche Nachricht-
  Von: puppet-users@googlegroups.com [mailto:puppet-
  us...@googlegroups.com] Im Auftrag von Khan
  Gesendet: Donnerstag, 29. Dezember 2011 17:37
  An: Puppet Users
  Betreff: [Puppet Users] Puppetserver error
 
  Hello everyone,
  I am new to puppet. I have installed on redhat Enterprise 5and seems
  to be working fine. Couple days ago I was testing some permissions on /
  etc folder and applied 600 /etc and sub folders. Although I have
  reverted the permission but I am having issues on puppetmaster.
  Currently I have these permission on etc 755 and puppet folder:
  my /etc folder is 755 and puppet folder with tese permsions:
 
  -rw-r--r--  1 root root 2346 May  8  2010 auth.conf
  -rw-r--r--  1 root root  419 May 19  2010 fileserver.conf
  drwxr-xr-x  3 root root 4096 Dec 23 10:48 manifests
  drwxr-xr-x 21 root root 4096 Oct 22  2010 modules
  -rw-r--r--  1 root root  980 May 27  2010 puppet.conf
  -rw-r--r--  1 root root  855 May 17  2010 puppet.conf.rpmnew
 
  I am getting these error in the log:
 
  puppet-master[3519]: Could not parse for environment production:
  Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/
  puppet/manifests/site.pp:3 on node client1
 
  Dec 27 14:25:46 server puppet-master[3519]: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2
 
  Dec 27 14:27:15 server puppet-master[3519]: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3
 
  Dec 27 14:27:15 server  puppet-master[3519]: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4
 
  Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog
  from remote server: Error 400 on SERVER: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node server
  Any Help will be greatly appreciated.
 
  --
  You received this message because you are subscribed to the Google
  Groups Puppet Users group.
  To post to this group, send email to puppet-users@googlegroups.com.
  To unsubscribe from this group, send email to puppet-
  users+unsubscr...@googlegroups.com.
  For more options, visit this group at
  

Re: [Puppet Users] Puppetserver error

[Mohammad Khan]

I was able to sign the certificate to the client but still I am getting
this error now on the
client:

Client puppet-agent[15030]: Starting Puppet client version 2.6.12
Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog from
remote server: certificate verify failed
Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog
Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog;
skipping run



On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan makhan...@gmail.com wrote:

 I have gone little further nowwhat I have done is to delete the ssl folder
 from one of the client and ran this command on server: puppetca --clean
 clientname
 it has generated new certificate but in the end I get the same error:

 err: Could not call revoke: Cannot convert into OpenSSL::BN
 Further more when i restart the agent from the client now I get this
 message under server message log: client has a waiting certificate request
 Under my client message log:
 hostname  puppet-agent[13385]: Did not receive certificate




 On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan makhan...@gmail.comwrote:

 I have tried to deleted the ssl folder under puppet. And then tried to
 clean the certificate from the server but did not work.
 #puppetca --clean hostname
 notice: Revoked certificate with serial # Inventory of signed certificates
 # SERIAL NOT_BEFORE NOT_AFTER SUBJECT


 err:  Could not call revoke: Cannot convert into OpenSSL::BN



 On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan makhan...@gmail.comwrote:

 Thanks guys; I am getting closer but still some errors. I am getting
 these errors now.
  Starting Puppet client version 2.6.12
 Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog
 from remote server: Retrieved certificate does not match private key;
 please remove certificate from server and regenerate it with the current key
 Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog
 Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog;
 skipping run




 On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz 
 bernd.adamow...@esailors.de wrote:

 I'm pretty sure that, besides the other answers already provided, your
 main problem is the wrong user for your Puppet configuration. It should be
 user 'puppet' and not 'root'. That's how '/etc/puppet' should look like:

 drwxr-xr-x  5 puppet puppet 4.0K Dec 12 17:48 .
 drwxr-xr-x 79 root   root12K Dec 26 04:03 ..
 -rw-r--r--  1 puppet puppet 3.1K Dec 12 17:48 auth.conf
 drwxr-xr-x  6 puppet puppet 4.0K Dec 12 17:48 environments
 drwxr-xr-x  3 puppet puppet 4.0K Dec 12 17:48 manifests
 -rw-r--r--  1 puppet puppet  838 Dec 12 17:48 namespaceauth.conf
 -rw-r--r--  1 puppet puppet 1.8K Dec 12 17:48 puppet.conf
 drwxr-xr-x  6 puppet puppet 4.0K Dec 30 08:20 .svn

 So a command like 'chown -R puppet:puppet /etc/puppet' issued as 'root'
 should solve your main problem which is the 'Permission denied' error as
 well as the non starting Puppet process.

 Bernd

  -Ursprüngliche Nachricht-
  Von: puppet-users@googlegroups.com [mailto:puppet-
  us...@googlegroups.com] Im Auftrag von Khan
  Gesendet: Donnerstag, 29. Dezember 2011 17:37
  An: Puppet Users
  Betreff: [Puppet Users] Puppetserver error
 
  Hello everyone,
  I am new to puppet. I have installed on redhat Enterprise 5and seems
  to be working fine. Couple days ago I was testing some permissions on
 /
  etc folder and applied 600 /etc and sub folders. Although I have
  reverted the permission but I am having issues on puppetmaster.
  Currently I have these permission on etc 755 and puppet folder:
  my /etc folder is 755 and puppet folder with tese permsions:
 
  -rw-r--r--  1 root root 2346 May  8  2010 auth.conf
  -rw-r--r--  1 root root  419 May 19  2010 fileserver.conf
  drwxr-xr-x  3 root root 4096 Dec 23 10:48 manifests
  drwxr-xr-x 21 root root 4096 Oct 22  2010 modules
  -rw-r--r--  1 root root  980 May 27  2010 puppet.conf
  -rw-r--r--  1 root root  855 May 17  2010 puppet.conf.rpmnew
 
  I am getting these error in the log:
 
  puppet-master[3519]: Could not parse for environment production:
  Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/
  puppet/manifests/site.pp:3 on node client1
 
  Dec 27 14:25:46 server puppet-master[3519]: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2
 
  Dec 27 14:27:15 server puppet-master[3519]: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3
 
  Dec 27 14:27:15 server  puppet-master[3519]: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client4
 
  Dec 27 14:27:15 server puppet-agent[10407]: Could not retrieve catalog
  from remote server: Error 400 on SERVER: Could not 

Re: [Puppet Users] Puppetserver error

[Mohammad Khan]

Do I need to make any changes to server or delete sl info on the server. I
am still getting the certificate verify failed error on clients?

On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan makhan...@gmail.com wrote:

 I was able to sign the certificate to the client but still I am getting
 this error now on the
 client:

 Client puppet-agent[15030]: Starting Puppet client version 2.6.12
 Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog
 from remote server: certificate verify failed
 Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog
 Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog;
 skipping run




 On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan makhan...@gmail.comwrote:

 I have gone little further nowwhat I have done is to delete the ssl
 folder from one of the client and ran this command on server: puppetca
 --clean clientname
 it has generated new certificate but in the end I get the same error:

 err: Could not call revoke: Cannot convert into OpenSSL::BN
 Further more when i restart the agent from the client now I get this
 message under server message log: client has a waiting certificate request
 Under my client message log:
 hostname  puppet-agent[13385]: Did not receive certificate




 On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan makhan...@gmail.comwrote:

 I have tried to deleted the ssl folder under puppet. And then tried to
 clean the certificate from the server but did not work.
 #puppetca --clean hostname
 notice: Revoked certificate with serial # Inventory of signed
 certificates
 # SERIAL NOT_BEFORE NOT_AFTER SUBJECT


 err:  Could not call revoke: Cannot convert into OpenSSL::BN



 On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan makhan...@gmail.comwrote:

 Thanks guys; I am getting closer but still some errors. I am getting
 these errors now.
  Starting Puppet client version 2.6.12
 Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog
 from remote server: Retrieved certificate does not match private key;
 please remove certificate from server and regenerate it with the current 
 key
 Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog
 Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog;
 skipping run




 On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz 
 bernd.adamow...@esailors.de wrote:

 I'm pretty sure that, besides the other answers already provided, your
 main problem is the wrong user for your Puppet configuration. It should be
 user 'puppet' and not 'root'. That's how '/etc/puppet' should look like:

 drwxr-xr-x  5 puppet puppet 4.0K Dec 12 17:48 .
 drwxr-xr-x 79 root   root12K Dec 26 04:03 ..
 -rw-r--r--  1 puppet puppet 3.1K Dec 12 17:48 auth.conf
 drwxr-xr-x  6 puppet puppet 4.0K Dec 12 17:48 environments
 drwxr-xr-x  3 puppet puppet 4.0K Dec 12 17:48 manifests
 -rw-r--r--  1 puppet puppet  838 Dec 12 17:48 namespaceauth.conf
 -rw-r--r--  1 puppet puppet 1.8K Dec 12 17:48 puppet.conf
 drwxr-xr-x  6 puppet puppet 4.0K Dec 30 08:20 .svn

 So a command like 'chown -R puppet:puppet /etc/puppet' issued as
 'root' should solve your main problem which is the 'Permission denied'
 error as well as the non starting Puppet process.

 Bernd

  -Ursprüngliche Nachricht-
  Von: puppet-users@googlegroups.com [mailto:puppet-
  us...@googlegroups.com] Im Auftrag von Khan
  Gesendet: Donnerstag, 29. Dezember 2011 17:37
  An: Puppet Users
  Betreff: [Puppet Users] Puppetserver error
 
  Hello everyone,
  I am new to puppet. I have installed on redhat Enterprise 5and seems
  to be working fine. Couple days ago I was testing some permissions
 on /
  etc folder and applied 600 /etc and sub folders. Although I have
  reverted the permission but I am having issues on puppetmaster.
  Currently I have these permission on etc 755 and puppet folder:
  my /etc folder is 755 and puppet folder with tese permsions:
 
  -rw-r--r--  1 root root 2346 May  8  2010 auth.conf
  -rw-r--r--  1 root root  419 May 19  2010 fileserver.conf
  drwxr-xr-x  3 root root 4096 Dec 23 10:48 manifests
  drwxr-xr-x 21 root root 4096 Oct 22  2010 modules
  -rw-r--r--  1 root root  980 May 27  2010 puppet.conf
  -rw-r--r--  1 root root  855 May 17  2010 puppet.conf.rpmnew
 
  I am getting these error in the log:
 
  puppet-master[3519]: Could not parse for environment production:
  Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/
  puppet/manifests/site.pp:3 on node client1
 
  Dec 27 14:25:46 server puppet-master[3519]: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client2
 
  Dec 27 14:27:15 server puppet-master[3519]: Could not parse for
  environment production: Permission denied - /etc/puppet/manifests/
  classes/sysctl.pp at /etc/puppet/manifests/site.pp:3 on node client3
 
  Dec 27 14:27:15 server  puppet-master[3519]: Could not parse for
  environment production: Permission 

Re: [Puppet Users] Puppetserver error

[Aaron Grewell]

Did you remove the ssldir on the server or the client?  Usually to
completely reset the cert you run clean on the server, remove the
contents of the ssldir on the client, then re-run puppet and it should
rebuild the cert.  I wouldn't recommend removing the ssldir on the
server except as a last resort, otherwise you'll have to rebuild all
your client certs.

If that's what you already did, make sure that your ssldir and its
contents are owned by user  group puppet as well.

On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan makhan...@gmail.com wrote:
 Do I need to make any changes to server or delete sl info on the server. I
 am still getting the certificate verify failed error on clients?


 On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan makhan...@gmail.com wrote:

 I was able to sign the certificate to the client but still I am getting
 this error now on the
 client:

 Client puppet-agent[15030]: Starting Puppet client version 2.6.12
 Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog
 from remote server: certificate verify failed
 Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog
 Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog;
 skipping run




 On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan makhan...@gmail.com
 wrote:

 I have gone little further nowwhat I have done is to delete the ssl
 folder from one of the client and ran this command on server: puppetca
 --clean clientname
 it has generated new certificate but in the end I get the same error:

 err: Could not call revoke: Cannot convert into OpenSSL::BN
 Further more when i restart the agent from the client now I get this
 message under server message log: client has a waiting certificate request
 Under my client message log:
 hostname  puppet-agent[13385]: Did not receive certificate




 On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan makhan...@gmail.com
 wrote:

 I have tried to deleted the ssl folder under puppet. And then tried to
 clean the certificate from the server but did not work.
 #puppetca --clean hostname
 notice: Revoked certificate with serial # Inventory of signed
 certificates
 # SERIAL NOT_BEFORE NOT_AFTER SUBJECT


 err:  Could not call revoke: Cannot convert into OpenSSL::BN



 On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan makhan...@gmail.com
 wrote:

 Thanks guys; I am getting closer but still some errors. I am getting
 these errors now.
  Starting Puppet client version 2.6.12
 Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve catalog
 from remote server: Retrieved certificate does not match private key; 
 please
 remove certificate from server and regenerate it with the current key
 Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog
 Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve catalog;
 skipping run




 On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz
 bernd.adamow...@esailors.de wrote:

 I'm pretty sure that, besides the other answers already provided, your
 main problem is the wrong user for your Puppet configuration. It should 
 be
 user 'puppet' and not 'root'. That's how '/etc/puppet' should look like:

 drwxr-xr-x  5 puppet puppet 4.0K Dec 12 17:48 .
 drwxr-xr-x 79 root   root    12K Dec 26 04:03 ..
 -rw-r--r--  1 puppet puppet 3.1K Dec 12 17:48 auth.conf
 drwxr-xr-x  6 puppet puppet 4.0K Dec 12 17:48 environments
 drwxr-xr-x  3 puppet puppet 4.0K Dec 12 17:48 manifests
 -rw-r--r--  1 puppet puppet  838 Dec 12 17:48 namespaceauth.conf
 -rw-r--r--  1 puppet puppet 1.8K Dec 12 17:48 puppet.conf
 drwxr-xr-x  6 puppet puppet 4.0K Dec 30 08:20 .svn

 So a command like 'chown -R puppet:puppet /etc/puppet' issued as
 'root' should solve your main problem which is the 'Permission denied' 
 error
 as well as the non starting Puppet process.

 Bernd

  -Ursprüngliche Nachricht-
  Von: puppet-users@googlegroups.com [mailto:puppet-
  us...@googlegroups.com] Im Auftrag von Khan
  Gesendet: Donnerstag, 29. Dezember 2011 17:37
  An: Puppet Users
  Betreff: [Puppet Users] Puppetserver error
 
  Hello everyone,
  I am new to puppet. I have installed on redhat Enterprise 5and seems
  to be working fine. Couple days ago I was testing some permissions
  on /
  etc folder and applied 600 /etc and sub folders. Although I have
  reverted the permission but I am having issues on puppetmaster.
  Currently I have these permission on etc 755 and puppet folder:
  my /etc folder is 755 and puppet folder with tese permsions:
 
  -rw-r--r--  1 root root 2346 May  8  2010 auth.conf
  -rw-r--r--  1 root root  419 May 19  2010 fileserver.conf
  drwxr-xr-x  3 root root 4096 Dec 23 10:48 manifests
  drwxr-xr-x 21 root root 4096 Oct 22  2010 modules
  -rw-r--r--  1 root root  980 May 27  2010 puppet.conf
  -rw-r--r--  1 root root  855 May 17  2010 puppet.conf.rpmnew
 
  I am getting these error in the log:
 
  puppet-master[3519]: Could not parse for environment production:
  Permission denied - /etc/puppet/manifests/classes/sysctl.pp at /etc/
  

Re: [Puppet Users] Puppetserver error

[Mohammad Khan]

I removed ssldir from clients and ran the puppetca --clean from the server.
It ran fine finally. Now I am stuck on where client complains that
'certificate verify failed I dont know what to do now?

On Fri, Dec 30, 2011 at 11:42 AM, Aaron Grewell aaron.grew...@gmail.comwrote:

 Did you remove the ssldir on the server or the client?  Usually to
 completely reset the cert you run clean on the server, remove the
 contents of the ssldir on the client, then re-run puppet and it should
 rebuild the cert.  I wouldn't recommend removing the ssldir on the
 server except as a last resort, otherwise you'll have to rebuild all
 your client certs.

 If that's what you already did, make sure that your ssldir and its
 contents are owned by user  group puppet as well.

 On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan makhan...@gmail.com
 wrote:
  Do I need to make any changes to server or delete sl info on the server.
 I
  am still getting the certificate verify failed error on clients?
 
 
  On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan makhan...@gmail.com
 wrote:
 
  I was able to sign the certificate to the client but still I am getting
  this error now on the
  client:
 
  Client puppet-agent[15030]: Starting Puppet client version 2.6.12
  Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog
  from remote server: certificate verify failed
  Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog
  Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog;
  skipping run
 
 
 
 
  On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan makhan...@gmail.com
  wrote:
 
  I have gone little further nowwhat I have done is to delete the ssl
  folder from one of the client and ran this command on server: puppetca
  --clean clientname
  it has generated new certificate but in the end I get the same error:
 
  err: Could not call revoke: Cannot convert into OpenSSL::BN
  Further more when i restart the agent from the client now I get this
  message under server message log: client has a waiting certificate
 request
  Under my client message log:
  hostname  puppet-agent[13385]: Did not receive certificate
 
 
 
 
  On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan makhan...@gmail.com
  wrote:
 
  I have tried to deleted the ssl folder under puppet. And then tried to
  clean the certificate from the server but did not work.
  #puppetca --clean hostname
  notice: Revoked certificate with serial # Inventory of signed
  certificates
  # SERIAL NOT_BEFORE NOT_AFTER SUBJECT
 
 
  err:  Could not call revoke: Cannot convert into OpenSSL::BN
 
 
 
  On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan makhan...@gmail.com
  wrote:
 
  Thanks guys; I am getting closer but still some errors. I am getting
  these errors now.
   Starting Puppet client version 2.6.12
  Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve
 catalog
  from remote server: Retrieved certificate does not match private
 key; please
  remove certificate from server and regenerate it with the current key
  Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog
  Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve
 catalog;
  skipping run
 
 
 
 
  On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz
  bernd.adamow...@esailors.de wrote:
 
  I'm pretty sure that, besides the other answers already provided,
 your
  main problem is the wrong user for your Puppet configuration. It
 should be
  user 'puppet' and not 'root'. That's how '/etc/puppet' should look
 like:
 
  drwxr-xr-x  5 puppet puppet 4.0K Dec 12 17:48 .
  drwxr-xr-x 79 root   root12K Dec 26 04:03 ..
  -rw-r--r--  1 puppet puppet 3.1K Dec 12 17:48 auth.conf
  drwxr-xr-x  6 puppet puppet 4.0K Dec 12 17:48 environments
  drwxr-xr-x  3 puppet puppet 4.0K Dec 12 17:48 manifests
  -rw-r--r--  1 puppet puppet  838 Dec 12 17:48 namespaceauth.conf
  -rw-r--r--  1 puppet puppet 1.8K Dec 12 17:48 puppet.conf
  drwxr-xr-x  6 puppet puppet 4.0K Dec 30 08:20 .svn
 
  So a command like 'chown -R puppet:puppet /etc/puppet' issued as
  'root' should solve your main problem which is the 'Permission
 denied' error
  as well as the non starting Puppet process.
 
  Bernd
 
   -Ursprüngliche Nachricht-
   Von: puppet-users@googlegroups.com [mailto:puppet-
   us...@googlegroups.com] Im Auftrag von Khan
   Gesendet: Donnerstag, 29. Dezember 2011 17:37
   An: Puppet Users
   Betreff: [Puppet Users] Puppetserver error
  
   Hello everyone,
   I am new to puppet. I have installed on redhat Enterprise 5and
 seems
   to be working fine. Couple days ago I was testing some permissions
   on /
   etc folder and applied 600 /etc and sub folders. Although I have
   reverted the permission but I am having issues on puppetmaster.
   Currently I have these permission on etc 755 and puppet folder:
   my /etc folder is 755 and puppet folder with tese permsions:
  
   -rw-r--r--  1 root root 2346 May  8  2010 auth.conf
   -rw-r--r--  1 root root  419 May 19  2010 fileserver.conf
   

Re: [Puppet Users] Puppetserver error

[Aaron Grewell]

You'll have to re-sign your node's cert using puppetca --sign hostname

On Fri, Dec 30, 2011 at 9:28 AM, Mohammad Khan makhan...@gmail.com wrote:
 I removed ssldir from clients and ran the puppetca --clean from the server.
 It ran fine finally. Now I am stuck on where client complains that
 'certificate verify failed I dont know what to do now?


 On Fri, Dec 30, 2011 at 11:42 AM, Aaron Grewell aaron.grew...@gmail.com
 wrote:

 Did you remove the ssldir on the server or the client?  Usually to
 completely reset the cert you run clean on the server, remove the
 contents of the ssldir on the client, then re-run puppet and it should
 rebuild the cert.  I wouldn't recommend removing the ssldir on the
 server except as a last resort, otherwise you'll have to rebuild all
 your client certs.

 If that's what you already did, make sure that your ssldir and its
 contents are owned by user  group puppet as well.

 On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan makhan...@gmail.com
 wrote:
  Do I need to make any changes to server or delete sl info on the server.
  I
  am still getting the certificate verify failed error on clients?
 
 
  On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan makhan...@gmail.com
  wrote:
 
  I was able to sign the certificate to the client but still I am getting
  this error now on the
  client:
 
  Client puppet-agent[15030]: Starting Puppet client version 2.6.12
  Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog
  from remote server: certificate verify failed
  Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog
  Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog;
  skipping run
 
 
 
 
  On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan makhan...@gmail.com
  wrote:
 
  I have gone little further nowwhat I have done is to delete the ssl
  folder from one of the client and ran this command on server: puppetca
  --clean clientname
  it has generated new certificate but in the end I get the same error:
 
  err: Could not call revoke: Cannot convert into OpenSSL::BN
  Further more when i restart the agent from the client now I get this
  message under server message log: client has a waiting certificate
  request
  Under my client message log:
  hostname  puppet-agent[13385]: Did not receive certificate
 
 
 
 
  On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan makhan...@gmail.com
  wrote:
 
  I have tried to deleted the ssl folder under puppet. And then tried
  to
  clean the certificate from the server but did not work.
  #puppetca --clean hostname
  notice: Revoked certificate with serial # Inventory of signed
  certificates
  # SERIAL NOT_BEFORE NOT_AFTER SUBJECT
 
 
  err:  Could not call revoke: Cannot convert into OpenSSL::BN
 
 
 
  On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan makhan...@gmail.com
  wrote:
 
  Thanks guys; I am getting closer but still some errors. I am getting
  these errors now.
   Starting Puppet client version 2.6.12
  Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve
  catalog
  from remote server: Retrieved certificate does not match private
  key; please
  remove certificate from server and regenerate it with the current
  key
  Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog
  Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve
  catalog;
  skipping run
 
 
 
 
  On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz
  bernd.adamow...@esailors.de wrote:
 
  I'm pretty sure that, besides the other answers already provided,
  your
  main problem is the wrong user for your Puppet configuration. It
  should be
  user 'puppet' and not 'root'. That's how '/etc/puppet' should look
  like:
 
  drwxr-xr-x  5 puppet puppet 4.0K Dec 12 17:48 .
  drwxr-xr-x 79 root   root    12K Dec 26 04:03 ..
  -rw-r--r--  1 puppet puppet 3.1K Dec 12 17:48 auth.conf
  drwxr-xr-x  6 puppet puppet 4.0K Dec 12 17:48 environments
  drwxr-xr-x  3 puppet puppet 4.0K Dec 12 17:48 manifests
  -rw-r--r--  1 puppet puppet  838 Dec 12 17:48 namespaceauth.conf
  -rw-r--r--  1 puppet puppet 1.8K Dec 12 17:48 puppet.conf
  drwxr-xr-x  6 puppet puppet 4.0K Dec 30 08:20 .svn
 
  So a command like 'chown -R puppet:puppet /etc/puppet' issued as
  'root' should solve your main problem which is the 'Permission
  denied' error
  as well as the non starting Puppet process.
 
  Bernd
 
   -Ursprüngliche Nachricht-
   Von: puppet-users@googlegroups.com [mailto:puppet-
   us...@googlegroups.com] Im Auftrag von Khan
   Gesendet: Donnerstag, 29. Dezember 2011 17:37
   An: Puppet Users
   Betreff: [Puppet Users] Puppetserver error
  
   Hello everyone,
   I am new to puppet. I have installed on redhat Enterprise 5and
   seems
   to be working fine. Couple days ago I was testing some
   permissions
   on /
   etc folder and applied 600 /etc and sub folders. Although I have
   reverted the permission but I am having issues on puppetmaster.
   Currently I have these permission on etc 755 and puppet folder:
   my /etc folder 

Re: [Puppet Users] Puppetserver error

[Mohammad Khan]

I have done this already; however, client certificate verify failed is
occurring now where I am stuck.

On Fri, Dec 30, 2011 at 12:51 PM, Aaron Grewell aaron.grew...@gmail.comwrote:

 You'll have to re-sign your node's cert using puppetca --sign hostname

 On Fri, Dec 30, 2011 at 9:28 AM, Mohammad Khan makhan...@gmail.com
 wrote:
  I removed ssldir from clients and ran the puppetca --clean from the
 server.
  It ran fine finally. Now I am stuck on where client complains that
  'certificate verify failed I dont know what to do now?
 
 
  On Fri, Dec 30, 2011 at 11:42 AM, Aaron Grewell aaron.grew...@gmail.com
 
  wrote:
 
  Did you remove the ssldir on the server or the client?  Usually to
  completely reset the cert you run clean on the server, remove the
  contents of the ssldir on the client, then re-run puppet and it should
  rebuild the cert.  I wouldn't recommend removing the ssldir on the
  server except as a last resort, otherwise you'll have to rebuild all
  your client certs.
 
  If that's what you already did, make sure that your ssldir and its
  contents are owned by user  group puppet as well.
 
  On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan makhan...@gmail.com
  wrote:
   Do I need to make any changes to server or delete sl info on the
 server.
   I
   am still getting the certificate verify failed error on clients?
  
  
   On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan makhan...@gmail.com
   wrote:
  
   I was able to sign the certificate to the client but still I am
 getting
   this error now on the
   client:
  
   Client puppet-agent[15030]: Starting Puppet client version 2.6.12
   Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve
 catalog
   from remote server: certificate verify failed
   Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog
   Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve
 catalog;
   skipping run
  
  
  
  
   On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan makhan...@gmail.com
   wrote:
  
   I have gone little further nowwhat I have done is to delete the ssl
   folder from one of the client and ran this command on server:
 puppetca
   --clean clientname
   it has generated new certificate but in the end I get the same
 error:
  
   err: Could not call revoke: Cannot convert into OpenSSL::BN
   Further more when i restart the agent from the client now I get this
   message under server message log: client has a waiting certificate
   request
   Under my client message log:
   hostname  puppet-agent[13385]: Did not receive certificate
  
  
  
  
   On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan makhan...@gmail.com
 
   wrote:
  
   I have tried to deleted the ssl folder under puppet. And then tried
   to
   clean the certificate from the server but did not work.
   #puppetca --clean hostname
   notice: Revoked certificate with serial # Inventory of signed
   certificates
   # SERIAL NOT_BEFORE NOT_AFTER SUBJECT
  
  
   err:  Could not call revoke: Cannot convert into OpenSSL::BN
  
  
  
   On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan 
 makhan...@gmail.com
   wrote:
  
   Thanks guys; I am getting closer but still some errors. I am
 getting
   these errors now.
Starting Puppet client version 2.6.12
   Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve
   catalog
   from remote server: Retrieved certificate does not match private
   key; please
   remove certificate from server and regenerate it with the current
   key
   Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog
   Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve
   catalog;
   skipping run
  
  
  
  
   On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz
   bernd.adamow...@esailors.de wrote:
  
   I'm pretty sure that, besides the other answers already provided,
   your
   main problem is the wrong user for your Puppet configuration. It
   should be
   user 'puppet' and not 'root'. That's how '/etc/puppet' should
 look
   like:
  
   drwxr-xr-x  5 puppet puppet 4.0K Dec 12 17:48 .
   drwxr-xr-x 79 root   root12K Dec 26 04:03 ..
   -rw-r--r--  1 puppet puppet 3.1K Dec 12 17:48 auth.conf
   drwxr-xr-x  6 puppet puppet 4.0K Dec 12 17:48 environments
   drwxr-xr-x  3 puppet puppet 4.0K Dec 12 17:48 manifests
   -rw-r--r--  1 puppet puppet  838 Dec 12 17:48 namespaceauth.conf
   -rw-r--r--  1 puppet puppet 1.8K Dec 12 17:48 puppet.conf
   drwxr-xr-x  6 puppet puppet 4.0K Dec 30 08:20 .svn
  
   So a command like 'chown -R puppet:puppet /etc/puppet' issued as
   'root' should solve your main problem which is the 'Permission
   denied' error
   as well as the non starting Puppet process.
  
   Bernd
  
-Ursprüngliche Nachricht-
Von: puppet-users@googlegroups.com [mailto:puppet-
us...@googlegroups.com] Im Auftrag von Khan
Gesendet: Donnerstag, 29. Dezember 2011 17:37
An: Puppet Users
Betreff: [Puppet Users] Puppetserver error
   
Hello everyone,
I am new to puppet. I have installed on 

Re: [Puppet Users] Puppetserver error

[Florian Koch]

Hi, Maybe a Time related Problem? Check the Time on both, Client and Server




Am 30.12.2011 um 18:55 schrieb Mohammad Khan makhan...@gmail.com:

 I have done this already; however, client certificate verify failed is 
 occurring now where I am stuck.  
 
 On Fri, Dec 30, 2011 at 12:51 PM, Aaron Grewell aaron.grew...@gmail.com 
 wrote:
 You'll have to re-sign your node's cert using puppetca --sign hostname
 
 On Fri, Dec 30, 2011 at 9:28 AM, Mohammad Khan makhan...@gmail.com wrote:
  I removed ssldir from clients and ran the puppetca --clean from the server.
  It ran fine finally. Now I am stuck on where client complains that
  'certificate verify failed I dont know what to do now?
 
 
  On Fri, Dec 30, 2011 at 11:42 AM, Aaron Grewell aaron.grew...@gmail.com
  wrote:
 
  Did you remove the ssldir on the server or the client?  Usually to
  completely reset the cert you run clean on the server, remove the
  contents of the ssldir on the client, then re-run puppet and it should
  rebuild the cert.  I wouldn't recommend removing the ssldir on the
  server except as a last resort, otherwise you'll have to rebuild all
  your client certs.
 
  If that's what you already did, make sure that your ssldir and its
  contents are owned by user  group puppet as well.
 
  On Fri, Dec 30, 2011 at 8:02 AM, Mohammad Khan makhan...@gmail.com
  wrote:
   Do I need to make any changes to server or delete sl info on the server.
   I
   am still getting the certificate verify failed error on clients?
  
  
   On Fri, Dec 30, 2011 at 8:54 AM, Mohammad Khan makhan...@gmail.com
   wrote:
  
   I was able to sign the certificate to the client but still I am getting
   this error now on the
   client:
  
   Client puppet-agent[15030]: Starting Puppet client version 2.6.12
   Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog
   from remote server: certificate verify failed
   Dec 30 08:52:52 Client puppet-agent[15030]: Using cached catalog
   Dec 30 08:52:52 Client puppet-agent[15030]: Could not retrieve catalog;
   skipping run
  
  
  
  
   On Fri, Dec 30, 2011 at 8:26 AM, Mohammad Khan makhan...@gmail.com
   wrote:
  
   I have gone little further nowwhat I have done is to delete the ssl
   folder from one of the client and ran this command on server: puppetca
   --clean clientname
   it has generated new certificate but in the end I get the same error:
  
   err: Could not call revoke: Cannot convert into OpenSSL::BN
   Further more when i restart the agent from the client now I get this
   message under server message log: client has a waiting certificate
   request
   Under my client message log:
   hostname  puppet-agent[13385]: Did not receive certificate
  
  
  
  
   On Fri, Dec 30, 2011 at 7:36 AM, Mohammad Khan makhan...@gmail.com
   wrote:
  
   I have tried to deleted the ssl folder under puppet. And then tried
   to
   clean the certificate from the server but did not work.
   #puppetca --clean hostname
   notice: Revoked certificate with serial # Inventory of signed
   certificates
   # SERIAL NOT_BEFORE NOT_AFTER SUBJECT
  
  
   err:  Could not call revoke: Cannot convert into OpenSSL::BN
  
  
  
   On Fri, Dec 30, 2011 at 7:23 AM, Mohammad Khan makhan...@gmail.com
   wrote:
  
   Thanks guys; I am getting closer but still some errors. I am getting
   these errors now.
Starting Puppet client version 2.6.12
   Dec 30 07:20:40 puppet puppet-agent[19918]: Could not retrieve
   catalog
   from remote server: Retrieved certificate does not match private
   key; please
   remove certificate from server and regenerate it with the current
   key
   Dec 30 07:20:40 server puppet-agent[19918]: Using cached catalog
   Dec 30 07:20:40 server puppet-agent[19918]: Could not retrieve
   catalog;
   skipping run
  
  
  
  
   On Fri, Dec 30, 2011 at 2:31 AM, Bernd Adamowicz
   bernd.adamow...@esailors.de wrote:
  
   I'm pretty sure that, besides the other answers already provided,
   your
   main problem is the wrong user for your Puppet configuration. It
   should be
   user 'puppet' and not 'root'. That's how '/etc/puppet' should look
   like:
  
   drwxr-xr-x  5 puppet puppet 4.0K Dec 12 17:48 .
   drwxr-xr-x 79 root   root12K Dec 26 04:03 ..
   -rw-r--r--  1 puppet puppet 3.1K Dec 12 17:48 auth.conf
   drwxr-xr-x  6 puppet puppet 4.0K Dec 12 17:48 environments
   drwxr-xr-x  3 puppet puppet 4.0K Dec 12 17:48 manifests
   -rw-r--r--  1 puppet puppet  838 Dec 12 17:48 namespaceauth.conf
   -rw-r--r--  1 puppet puppet 1.8K Dec 12 17:48 puppet.conf
   drwxr-xr-x  6 puppet puppet 4.0K Dec 30 08:20 .svn
  
   So a command like 'chown -R puppet:puppet /etc/puppet' issued as
   'root' should solve your main problem which is the 'Permission
   denied' error
   as well as the non starting Puppet process.
  
   Bernd
  
-Ursprüngliche Nachricht-
Von: puppet-users@googlegroups.com [mailto:puppet-
us...@googlegroups.com] Im Auftrag von Khan
Gesendet: Donnerstag, 29. Dezember 2011