I've done that... I've checked the ntpd services and they're sync in time... Here is what I've done,
On master: rm -rf ssl /etc/rc.d/init.d/puppetmaster start Starting puppetmaster: [ OK ] ls ssl ca certificate_requests certs crl.pem private private_keys public_keys On client: rm -rf ssl puppetd --server=puppet.lagged.com --test info: Creating a new SSL key for w0f.lagged.com warning: peer certificate won't be verified in this SSL session info: Caching certificate for ca warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session info: Creating a new SSL certificate request for w0f.lagged.com warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session warning: peer certificate won't be verified in this SSL session Exiting; no certificate found and waitforcert is disabled On Master: puppetca --list w0f.lagged.com puppetca --sign w0f.lagged.com notice: Signed certificate request for w0f.lagged.com notice: Removing file Puppet::SSL::CertificateRequest w0f.lagged.com at '/var/lib/puppet/ssl/ca/requests/w0f.lagged.com.pem' On client: puppetd -t warning: peer certificate won't be verified in this SSL session info: Caching certificate for w0f.lagged.com info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': certificate verify failed err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: certificate verify failed Could not retrieve file metadata for puppet://w0f.lagged.com/plugins: certificate verify failed err: Could not retrieve catalog from remote server: certificate verify failed warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run Any suggestions? On Nov 2, 2011, at 2:01 PM, Aaron Grewell wrote: > When I did this in my test environment I removed the entire contents > of the ssldir from the client to make sure that both the client & > server cert were pulled down anew. > > On Wed, Nov 2, 2011 at 10:25 AM, TFML <mailingl...@theflux.net> wrote: >> I'm running in circles with this issue... I accidentally did a 'puppetca >> --clean --all' and lost all certificates. I was able to get the >> puppetmaster running and re-created certificates for the client system, but >> I get the following error: >> >> warning: peer certificate won't be verified in this SSL session >> info: Caching certificate for w0f.lagged.com >> info: Retrieving plugin >> err: /File[/var/lib/puppet/lib]: Failed to generate additional resources >> using 'eval_generate': certificate verify failed >> err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of >> resource: certificate verify failed Could not retrieve file metadata for >> puppet://puppet.lagged.com/plugins: certificate verify failed >> info: Loading facts in snmpd >> info: Loading facts in diskdrives >> info: Loading facts in snmpd >> info: Loading facts in diskdrives >> err: Could not retrieve catalog from remote server: certificate verify failed >> warning: Not using cache on failed catalog >> err: Could not retrieve catalog; skipping run >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To post to this group, send email to puppet-users@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com. >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en. >> >> > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
