Thank you. Everything runs fine now. Problem was at overlord certificate paths.
Filip On Wed, Apr 6, 2011 at 3:58 PM, seth vidal <[email protected]>wrote: > On Wed, 2011-04-06 at 12:27 +0200, Filip Slunecko wrote: > > Hi, > > > > I'm trying to unify puppet with func too, but I'm still getting this > > error: > > > > Error: [('SSL routines', 'SSL3_READ_BYTES', 'sslv3 alert bad > > certificate'), ('SSL routines', 'SSL3_READ_BYTES', 'ssl handshake > > failure')] > > > > Minion config > > > > [main] > > log_level = INFO > > acl_dir = /etc/func/minion-acl.d > > > > listen_addr = > > listen_port = 51234 > > minion_name = test-machine.test.org > > method_log_dir = /var/log/func/methods/ > > use_certmaster = False > > > > ca_file=/var/lib/puppet/ssl/certs/ca.pem > > cert_file=/var/lib/puppet/ssl/certs/test-machine.test.org.pem > > key_file=/var/lib/puppet/ssl/private_keys/test-machine.test.org.pem > > crl_location=/var/lib/puppet/ssl/crl.pem > > > > overlord.conf > > > > # configuration for overlord > > > > [main] > > socket_timeout = 0 > > backend = conf > > group_db = > > puppet_minions = True > > > > Could you please guide me in the right way? > > > > Thank you > > > > > Here's a script I use to setup the minion configs properly. > > http://skvidal.fedorapeople.org/misc/make-minion-conf.sh.txt > > > > on the overlord side you'll need to specify the path to the puppet CA > certificates. > > often they are > > ca_file=/var/lib/puppet/ssl/ca/ca_crt.pem > key_file=/var/lib/puppet/ssl/ca/ca_dec_key.pem > cert_file=/var/lib/puppet/ssl/ca/ca_crt.pem > > -sv > > > > >
_______________________________________________ Func-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/func-list
