OK, I managed to solve my issue by following Reinstalling puppetDB from source<http://docs.puppetlabs.com/puppetdb/latest/install_from_source.html#step-3-option-b-manually-create-a-keystore-and-truststore>(Step 3 Option B) even if /usr/sbin/puppetdb-ssl-setup (option A) did state that the configuration was okay. Regards
On Wednesday, July 3, 2013 5:54:49 PM UTC+2, yannig rousseau wrote: > > Hi all, > > I launched a Puppet service a few month ago and it did function pretty > well for some time. > > Last week, I tried to clean old entries but I think I deleted too much > information as I can no more synchronize my clients. > I get a certificate error : > > *[root@REBITPUPPET01 ~]# puppet agent --test > Warning: Unable to fetch my node definition, but the agent run will > continue: > Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server > certificate B: certificate verify failed: [certificate signature failure > for /CN=rebitpuppet01.cegedim] > Info: Retrieving plugin > Error: /File[/var/lib/puppet/lib]: Failed to generate additional resources > using 'eval_generate: SSL_connect returned=1 errno=0 state=SSLv3 read > server certificate B: certificate verify failed: [certificate signature > failure for /CN=rebitpuppet01.cegedim] > Error: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect > returned=1 errno=0 state=SSLv3 read server certificate B: certificate > verify failed: [certificate signature failure for > /CN=rebitpuppet01.cegedim] Could not retrieve file metadata for > puppet://rebitpuppet01.cegedim/plugins: SSL_connect returned=1 errno=0 > state=SSLv3 read server certificate B: certificate verify failed: > [certificate signature failure for /CN=rebitpuppet01.cegedim]* > > I tried a lot of things following the different threads but I only managed > to mess a little bit more with my server :-( > At least, I know my truststore should be wrong as "*keytool -list > -keystore /etc/puppetdb/ssl/truststore*" and "*openssl x509 -noout -in > /var/lib/puppet/ssl/ca/ca_crt.pem -fingerprint*" do not match. The only > thing is that I do not have the first idea on how to solve this... > > Any idea ? > > Puppetmaster, dashboard & puppedb are on the same server (Distro = RHEL5.9) > I get the same error even on the puppetmaster server. > > > Regards > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
