Issue #4597 has been reported by Romaric Defaux. ---------------------------------------- Feature #4597: Non-usefull error message when CRL is not yet valid on the server http://projects.puppetlabs.com/issues/4597
Author: Romaric Defaux Status: Unreviewed Priority: Normal Assigned to: Category: Target version: Affected version: Keywords: Branch: Hi, I use puppet with a hundred of server, and first thanks a lot for your job. Here's what happen (in summary, because I spent a lot of time to find and understand what happened, finally this problem solve by itself !): Server version : Ubuntu 10.04.1 LTS \n \l # puppetmasterd --version 0.25.4 Client version : Ubuntu 10.04 LTS \n \l # puppetd --version 0.25.4 - Client side : I configured my client - Client side : Launched puppetd --test - Server side : signed the certificate - Client side : Launched puppetd again Error message : err: Could not retrieve catalog from remote server: undefined method `closed?' for nil:NilClass warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run - Client side : Try to see more : ruby --debug /usr/sbin/puppetd --test Exception `OpenSSL::SSL::SSLError' at /usr/lib/ruby/1.8/net/http.rb:586 - SSL_connect returned=1 errno=0 state=SSLv3 read finished A: sslv3 alert bad certificate - Server side : puppetca --list --all blabla.domain.com (CRL is not yet valid) (Few time later) - Server side : puppetca --list --all + blabla.domain.com - Client side : puppetd --test -> OK :) ! I think this happen probably because the puppetmaster was in the past comparing to the client. Would it be possible to modify this error message : err: Could not retrieve catalog from remote server: undefined method `closed?' for nil:NilClass and just say that the certificate is not already active ? Or to start the activation of the certificate one day before (just to be sure it's activated) ? Thanks Romaric -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
