Any light someone can shed sure would be appreciated. I start with 1 cert -- the master's, where I am running this:
jblaine@ip-10-191-115-140:~$ sudo puppet cert list --all + "ip-10-191-115-140.ec2.internal" (74:8B:7B:EF:41:E6:F9:98:93:15:42:6A:4C:2F:28:CC) (alt names: "DNS:ip-10-191-115-140.ec2.internal", "DNS:puppet", "DNS:puppet.ec2.internal") jblaine@ip-10-191-115-140:~$ I have quadruple-confirmed that is the only certificate in existence in /var/lib/puppet/ssl. I create a brand new EC2 instance and bootstrap it with the Cloud Provisioner: jblaine@ip-10-191-115-140:~$ puppet node_aws bootstrap --group=hadoop-nodes \ --keyname=jblaine --image=ami-82fa58eb --type=t1.micro \ --puppet-version=2.7.20 --login=ubuntu \ --keyfile=~/.ssh/jblaine-bld.pem \ --server=ip-10-191-115-140.ec2.internal --verbose ... notice: Waiting for SSH response ... Done info: Executing remote command ... info: Executing remote command ... Done notice: Installing Puppet ... info: Executing remote command ... info: Executing remote command ... Done info: Executing remote command ... info: Executing remote command ... Done notice: Puppet is now installed on: ec2-23-21-34-131.compute-1.amazonaws.com notice: No classification method selected notice: Signing certificate ... err: Signing certificate ... Failed err: Signing certificate error: Could not render to pson: The certificate retrieved from the master does not match the agent's private key. Certificate fingerprint: E2:B3:43:ED:74:80:F7:6E:C0:3F:68:C2:95:74:40:AA Say what? jblaine@ip-10-191-115-140:~$ sudo puppet cert list jblaine@ip-10-191-115-140:~$ sudo puppet cert list --all + "ec2-23-21-34-131.compute-1.amazonaws.com-fc73179f-951d-88dc-9477-d4dcddc6f585" (01:FD:22:FA:90:76:78:AF:91:90:77:69:1A:7A:41:95) + "ip-10-191-115-140.ec2.internal" (74:8B:7B:EF:41:E6:F9:98:93:15:42:6A:4C:2F:28:CC) (alt names: "DNS:ip-10-191-115-140.ec2.internal", "DNS:puppet", "DNS:puppet.ec2.internal") jblaine@ip-10-191-115-140:~$ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/O8UpAGKg8fcJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
