We tried to setup puppet client-server architecture setup by installing puppet-server (through Yum repository) in puppet master and puppet (through Yum repository) in another server (client) machine. During this client is trying to receive the signed certificate from puppet-master server it failed with following error:
Puppet master: [root@puppet-master ~]# puppetca --list "puppet-client1" (BF:56:F7:B3:FB:CA:6A:9A:44:9B:9E:0C:BE:F3:5D:FD) [root@puppet-master ~]# puppetca --sign puppet-client1 notice: Signed certificate request for puppet-client1 notice: Removing file Puppet::SSL::CertificateRequest puppet-client1 at '/var/lib/puppet/ssl/ca/requests/puppet-client1.pem' Puppet Client: [root@puppet-client1 ~]# puppet agent --verbose --logdest console --no-daemonize --server=puppet-master info: Creating a new SSL key for puppet-client1 info: Caching certificate for ca info: Creating a new SSL certificate request for puppet-client1 info: Certificate Request fingerprint (md5): BF:56:F7:B3:FB:CA:6A:9A:44:9B:9E:0C:BE:F3:5D:FD notice: Did not receive certificate info: Caching certificate for puppet-client1 notice: Starting Puppet client version 2.7.23 err: Could not retrieve catalog from remote server: SSL*connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=puppet-master] * *notice: Using cached catalog * *err: Could not retrieve catalog; skipping run err: Could not send report: SSL*connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed: [certificate signature failure for /CN=puppet-master] Rgrds, Ram. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/726017a6-1cda-4cd8-ac4a-d06a16cb60f2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.