Your message dated Fri, 10 Jul 2009 15:48:29 -0700
with message-id <[email protected]>
and subject line 0.23.2 hoses certs on systems that are using puppetd.conf
has caused the Debian Bug report #440346,
regarding certification fails
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
440346: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440346
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: puppet
Version: 0.23.2-3
Severity: important
Looks like certification is failing.
"puppetca --list" does not return hostname and cannot sign either.
I've also tried version 0.20.1-1 and confirmed working fine.
So this should be package issue.
- puppetd error message
sudo puppetd --server hostname --waitforcert 60 --verbose
notice: Starting Puppet client version 0.23.2
err: Could not retrieve configuration: Certificates were not trusted:
certificate verify failed
err: Could not retrieve configuration: Cannot connect to server and
there is no cached configuration
- /var/log/puppet/masterhttp.log
[2007-09-11 11:00:27] ERROR OpenSSL::SSL::SSLError: tlsv1 alert decrypt error
/usr/lib/ruby/1.8/openssl/ssl.rb:122:in `accept'
Hope this would help some.
Cheers,
Jun
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (990, 'stable'), (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.4.27-2-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8
(charmap=ANSI_X3.4-1968) (ignored: LC_ALL set to C)
Versions of packages puppet depends on:
ii adduser 3.102 Add and remove users and groups
ii facter 1.3.5-1 a library for retrieving facts fro
ii libopenssl-ruby 1.0.0+ruby1.8.2-1 OpenSSL interface for Ruby
ii libshadow-ruby1.8 1.4.1-7 Interface of shadow password for R
ii libxmlrpc-ruby 1.8.2-1 XML-RPC support for Ruby
ii lsb-base 3.1-23.2etch1 Linux Standard Base 3.1 init scrip
ii ruby 1.8.2-1 An interpreter of object-oriented
Versions of packages puppet recommends:
ii rdoc 1.8.2-1 Generate documentation from ruby s
-- no debconf information
--- End Message ---
--- Begin Message ---
(please reopen if you don't believe this has actually been fixed)
Digant, I ran into similar issues around this time period, and they
were all upstream bugs where parts of the code would still look at
puppetd.conf even though it had supposedly been deprecated. All of
these were fixed a while ago afaik.
--- End Message ---
