I'm glad you found a solution :-). I think this is a bug though. Would you mind if you raised a ticket for this in our redmine tracker with the details of your error and solution? At least if we can record it for the purpose of errata, it might help someone else - or we might come to a proper solution around it eventually.
http://projects.puppetlabs.com/projects/puppetdb/issues/new BTW, what does your puppet.conf look like? On Tue, May 21, 2013 at 6:36 AM, <kl.puppetu...@gmail.com> wrote: > Ken, it's working now! "Solution" below. > > > On Fri, May 17, 2013 at 4:27 PM, Ken Barber <k...@puppetlabs.com> wrote: >> Could very well be, however it seems so far you're the first unlucky >> one to see this issue afaik :-). I've been trying to reproduce it on >> my own setup with no luck yet, although I've got some ideas to try >> today. > > Thanks a lot for trying though. Your replies have been very helpful. > > >> Also - remember this command? >> >> echo "GET /" | openssl s_client -connect 127.0.1.1:8081 -cert >> `puppet master --configprint hostcert` -key `puppet master >> --configprint hostprivkey` -CAfile `puppet master --configprint >> cacert` >> >> Did you try running that from the puppet master node itself - >> attempting to connect to puppetdb? I believe the last test you tried >> was directly from the puppetdb node instead. > > Good catch. I was trying it from the puppetdb itself. That was working well. > > I then tried from the puppet server itself. The problem was the following: > - For everything puppet, I use puppet.local as the fqdn for the puppet > master. > - The actual hostname (and thus the cert) for the puppet master node > is gaia.local. > - For some reason (config probably ;) ), puppet agents don't think > this is a problem. > - When I tried your GET|openssl command, it was complaining about not > being able to find certs/puppet.local.something and > private_keys/puppet.local.something. > - I symlinked puppet.local (to use gaia.local, the actual > certificate). This works. Probably not the nicest way, but it works! > Exported config now works. > > I'm very happy it works now, > Thanks again! > /kl > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
