Funny thing.. I just set up apache passenger on my desktop (as opposed to my normal apache/passenger puppetmasters) and have the same issue.
Looking through the apache logs it is showing that it is trying to PUT to a directory that doesn't exist on the filesystem. <title>405 Method Not Allowed</title> </head><body> <h1>Method Not Allowed</h1> Digging a little further the difference between my desktop and the servers funnily enough is SELinux. Looking at the audit.log I noticed that httpd was not allowed to run the passenger app. A lot of trial and audit2allow's later I have it working (kinda). Could this be your problem too? Cheers, Den On Aug 25, 8:20 am, Denmat <[email protected]> wrote: > Hi, > > Have you made any changes to your auth.conf? Are you auto signing your certs? > How have you configured apache and passenger? > > Here's what you can do as a test. Remove the apache passenger vhost and run > puppet using webrick (puppetmasterd). If your client cant connect then your > puppet conf needs checking. If it works, then the problem is in your apache > configs. > > Cheers, > Den > > On 24/08/2011, at 20:27, Antoine Benkemoun <[email protected]> > wrote: > > > > > > > > > I'm not going to be of much help but I also get your first error message > > from time to time and it goes away without having me do anything. > > > I'm talking about this one : > > > err: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect > > returned=1 errno=0 state=SSLv3 read server certificate B: certificate > > verify failed Could not retrieve file metadata for > > puppet://PUPPETMASTER.fqdn/plugins: > > SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: > > certificate verify failed > > > I think this may be due to the fact that by default Puppet runs with > > webrick (please correct me if I'm wrong) or something similar which can > > only process requests one at a time. Kind of like if this was some sort of > > disguised timeout. I have not tried to run Puppet with Passenger so I can't > > confirm this. > > > Antoine > > On Wed, Aug 24, 2011 at 12:19 PM, [email protected] <[email protected]> wrote: > > Does anyone have an idea? > > > Thanks you > > > On 16 août, 10:42, "[email protected]" <[email protected]> wrote: > > > Hello, > > > > I just set up Puppet / Passenger by following the documentation. > > > For servers already authenticated key I do not encounter problems, but > > > for new I have these errors: > > > > <--> > > > root@server2:~# puppetd --test --no-daemonize > > > warning: peer certificate won't be verified in this SSL session > > > warning: peer certificate won't be verified in this SSL session > > > info: Creating a new SSL certificate request for server2.fqdn > > > info: Certificate Request fingerprint (md5): > > > F1:2E:F6:D6:8C:B3:F6:6B:D2:4B:C4:72:1C:E4:24:D9 > > > warning: peer certificate won't be verified in this SSL session > > > err: Could not request certificate: Error 405 on SERVER: <!DOCTYPE > > > HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> > > > <html><head> > > > <title>405 Method Not Allowed</ > > > title> > > > </ > > > head><body> > > > <h1>Method Not Allowed</ > > > h1> > > > <p>The requested method PUT is not allowed for the URL /production/ > > > certificate_request/server2.fqdn.</ > > > p> > > > <hr> > > > <address>Apache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 > > > mod_ssl/2.2.9 OpenSSL/0.9.8g Server at puppetmaster.fqdn Port 8140</ > > > address> > > > </body></ > > > html> > > > > Exiting; failed to retrieve certificate and waitforcert is disabled > > > root@server2:~# > > > <---> > > > > Also, I get a new type of error by mail: > > > > <---> > > > Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not > > > retrieve catalog from remote server: Error 414 on SERVER: <!DOCTYPE > > > HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> > > > <html><head> > > > <title>414 Request-URI Too Large</title> > > > </head><body> > > > <h1>Request-URI Too Large</h1> > > > <p>The requested URL's length exceeds the capacity > > > limit for this server.<br /> > > > </p> > > > <hr> > > > <address>Apache/2.2.9 (Debian) DAV/2 SVN/1.5.1 Phusion_Passenger/3.0.7 > > > mod_ssl/2.2.9 OpenSSL/0.9.8g Server at PUPPETMASTER.fqdn Port 8140</ > > > address> > > > </body></html> > > > > Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (notice): Using > > > cached catalog > > > Tue Aug 16 15:52:08 +0200 2011 //server1.fqdn/Puppet (err): Could not > > > retrieve catalog; skipping run > > > > <----> > > > > I have set the variable: > > > <---> > > > PassengerMaxRequests 10000 > > > <---> > > > > But I doubt that this impact on this error. > > > > Again, thank you! > > > Jimmy > > > > On 26 juil, 14:33, "[email protected]" <[email protected]> wrote: > > > > > Passenger is already installed, but was not configured to Puppet. > > > > I will do the migration and I will return here. > > > > > Thank you! > > > > > On 25 juil, 17:21, Peter Meier <[email protected]> wrote: > > > > > > > I have about 130 customer puppet. > > > > > > I left the default time interval. > > > > > > Are you still running with default webrick on the puppetmaster? (If > > > > > you > > > > > didn't change anything, then yes you are). > > > > > > If yes, it's time to scale out and use either a Mongrel or > > > > > Passenger-based > > > > > Setup:http://projects.puppetlabs.com/projects/puppet/wiki/Using_Passenger > > > > > > ~pete > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group > > athttp://groups.google.com/group/puppet-users?hl=en. > > > -- > > You received this message because you are subscribed to the Google Groups > > "Puppet Users" group. > > To post to this group, send email to [email protected]. > > To unsubscribe from this group, send email to > > [email protected]. > > For more options, visit this group > > athttp://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
