Issue #4680 has been reported by Nico Schottelius. ---------------------------------------- Bug #4680: No certificates submitted after upgrade to 2.6.0 (from 0.25.4) http://projects.puppetlabs.com/issues/4680
Author: Nico Schottelius Status: Unreviewed Priority: Normal Assignee: Category: SSL Target version: Affected version: Keywords: Branch: Problem: Client should transfer certificate request, master should autosign it. Current behaviour: Master outputs info: Could not find certificate for 'ikr31.ethz.ch' Client outputs warning: peer certificate won't be verified in this SSL session notice: Did not receive certificate But there's no csr on the master. Tried with and without the new auth.conf. Details: Client: r...@ikr31:~# puppet --version 0.25.4 r...@ikr31:~# puppetd --server puppet.inf.ethz.ch --test --ca_port 19400 --debug --color no --waitforcert 2 debug: Failed to load library 'selinux' for feature 'selinux' debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderUser_role_add: file rolemod does not exist debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Failed to load library 'ldap' for feature 'ldap' debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet] debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppet/facts]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppet/ssl/certs] debug: /File[/var/lib/puppet/ssl/private]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/client_yaml]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/ssl/private_keys/ikr31.ethz.ch.pem]: Autorequiring File[/var/lib/puppet/ssl/private_keys] debug: /File[/var/lib/puppet/state/graphs]: Autorequiring File[/var/lib/puppet/state] debug: /File[/var/run/puppet/puppetd.pid]: Autorequiring File[/var/run/puppet] debug: /File[/var/lib/puppet/ssl/public_keys/ikr31.ethz.ch.pem]: Autorequiring File[/var/lib/puppet/ssl/public_keys] debug: /File[/var/lib/puppet/ssl/certs]: Autorequiring File[/var/lib/puppet/ssl] debug: /File[/var/lib/puppet/state]: Autorequiring File[/var/lib/puppet] debug: /File[/var/lib/puppet/ssl/private_keys]: Autorequiring File[/var/lib/puppet/ssl] debug: Finishing transaction 69844402770620 with 0 changes debug: Using cached certificate for ca, good until Tue Sep 02 13:24:09 UTC 2014 warning: peer certificate won't be verified in this SSL session debug: Using cached certificate_request for ikr31.ethz.ch, good until debug: Using cached certificate for ca, good until Tue Sep 02 13:24:09 UTC 2014 warning: peer certificate won't be verified in this SSL session debug: Using cached certificate for ca, good until Tue Sep 02 13:24:09 UTC 2014 warning: peer certificate won't be verified in this SSL session debug: Using cached certificate for ca, good until Tue Sep 02 13:24:09 UTC 2014 warning: peer certificate won't be verified in this SSL session notice: Did not receive certificate ^CCancelling startup Master: [10:38] sans:~# /usr/bin/puppet master --servertype=webrick --masterport=19400 --debug --no-daemonize --color false --trace warning: You have configuration parameter $ssl_client_header specified in [puppetmasterd], which is a deprecated section. I'm assuming you meant [master] warning: You have configuration parameter $templatedir specified in [puppetmasterd], which is a deprecated section. I'm assuming you meant [master] warning: You have configuration parameter $modulepath specified in [puppetmasterd], which is a deprecated section. I'm assuming you meant [master] debug: Failed to load library 'selinux' for feature 'selinux' debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: Puppet::Type::File::ProviderMicrosoft_windows: feature microsoft_windows is missing debug: /File[/var/lib/puppetmaster/ssl/public_keys/sans.ethz.ch.pem]: Autorequiring File[/var/lib/puppetmaster/ssl/public_keys] debug: /File[/var/lib/puppetmaster/ssl/certs]: Autorequiring File[/var/lib/puppetmaster/ssl] debug: /File[/var/lib/puppetmaster/reports]: Autorequiring File[/var/lib/puppetmaster] debug: /File[/var/lib/puppetmaster/lib]: Autorequiring File[/var/lib/puppetmaster] debug: /File[/etc/puppet/puppet.conf]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppetmaster/ssl/certificate_requests]: Autorequiring File[/var/lib/puppetmaster/ssl] debug: /File[/var/lib/puppetmaster/server_data]: Autorequiring File[/var/lib/puppetmaster] debug: /File[/var/lib/puppetmaster/ssl/certs/sans.ethz.ch.pem]: Autorequiring File[/var/lib/puppetmaster/ssl/certs] debug: /File[/var/lib/puppetmaster/ssl]: Autorequiring File[/var/lib/puppetmaster] debug: /File[/var/log/puppet/masterhttp.log]: Autorequiring File[/var/log/puppet] debug: /File[/var/lib/puppetmaster/ssl/public_keys]: Autorequiring File[/var/lib/puppetmaster/ssl] debug: /File[/var/lib/puppetmaster/yaml]: Autorequiring File[/var/lib/puppetmaster] debug: /File[/var/lib/puppetmaster/ssl/private_keys/sans.ethz.ch.pem]: Autorequiring File[/var/lib/puppetmaster/ssl/private_keys] debug: /File[/var/lib/puppetmaster/bucket]: Autorequiring File[/var/lib/puppetmaster] debug: /File[/etc/puppet/fileserver.conf]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppetmaster/rrd]: Autorequiring File[/var/lib/puppetmaster] debug: /File[/etc/puppet/manifests]: Autorequiring File[/etc/puppet] debug: /File[/var/lib/puppetmaster/state]: Autorequiring File[/var/lib/puppetmaster] debug: /File[/var/lib/puppetmaster/facts]: Autorequiring File[/var/lib/puppetmaster] debug: /File[/var/lib/puppetmaster/ssl/private]: Autorequiring File[/var/lib/puppetmaster/ssl] debug: /File[/var/lib/puppetmaster/ssl/private_keys]: Autorequiring File[/var/lib/puppetmaster/ssl] debug: /File[/etc/puppet/manifests/site.pp]: Autorequiring File[/etc/puppet/manifests] debug: /File[/var/lib/puppetmaster/ssl/crl.pem]: Autorequiring File[/var/lib/puppetmaster/ssl] debug: /File[/var/lib/puppetmaster/ssl/certs/ca.pem]: Autorequiring File[/var/lib/puppetmaster/ssl/certs] debug: Finishing transaction 70355901938100 debug: /File[/var/lib/puppetmaster/ssl/ca/inventory.txt]: Autorequiring File[/var/lib/puppetmaster/ssl/ca] debug: /File[/var/lib/puppetmaster/ssl/ca/ca_pub.pem]: Autorequiring File[/var/lib/puppetmaster/ssl/ca] debug: /File[/var/lib/puppetmaster/ssl/ca/private/ca.pass]: Autorequiring File[/var/lib/puppetmaster/ssl/ca/private] debug: /File[/var/lib/puppetmaster/ssl/ca/ca_key.pem]: Autorequiring File[/var/lib/puppetmaster/ssl/ca] debug: /File[/var/lib/puppetmaster/ssl/ca/signed]: Autorequiring File[/var/lib/puppetmaster/ssl/ca] debug: /File[/var/lib/puppetmaster/ssl/ca/private]: Autorequiring File[/var/lib/puppetmaster/ssl/ca] debug: /File[/var/lib/puppetmaster/ssl/ca/serial]: Autorequiring File[/var/lib/puppetmaster/ssl/ca] debug: /File[/var/lib/puppetmaster/ssl/ca/ca_crt.pem]: Autorequiring File[/var/lib/puppetmaster/ssl/ca] debug: /File[/var/lib/puppetmaster/ssl/ca/ca_crl.pem]: Autorequiring File[/var/lib/puppetmaster/ssl/ca] debug: /File[/var/lib/puppetmaster/ssl/ca/requests]: Autorequiring File[/var/lib/puppetmaster/ssl/ca] debug: Finishing transaction 70355900300400 debug: Using cached certificate for ca debug: Using cached certificate for ca debug: Using cached certificate for sans.ethz.ch notice: Starting Puppet master version 2.6.0 err: Removing mount files: /etc/puppet/files does not exist info: mount[files]: allowing 129.132.12.0/24 access [... many more permissions allowed...] debug: No modules mount given; autocreating with default permissions debug: Finishing transaction 70355918274780 info: Inserting default '~ ^/catalog/([^/]+)$'(auth) acl because /etc/puppet/auth.conf doesn't exist info: Inserting default '/file'(non-auth) acl because /etc/puppet/auth.conf doesn't exist info: Inserting default '/certificate_revocation_list/ca'(auth) acl because /etc/puppet/auth.conf doesn't exist info: Inserting default '/report'(auth) acl because /etc/puppet/auth.conf doesn't exist info: Inserting default '/certificate/ca'(non-auth) acl because /etc/puppet/auth.conf doesn't exist info: Inserting default '/certificate/'(non-auth) acl because /etc/puppet/auth.conf doesn't exist info: Inserting default '/certificate_request'(non-auth) acl because /etc/puppet/auth.conf doesn't exist info: Inserting default '/status'(auth) acl because /etc/puppet/auth.conf doesn't exist info: Inserting default '/resource'(auth) acl because /etc/puppet/auth.conf doesn't exist info: Could not find certificate for 'ikr31.ethz.ch' -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
