By "home directory" I mean /home, where the directory /home/dpasacrita, and where (importantly) /home/dpasacrita/.puppet is. This is where the certificates are stored if I'm understanding this right, and this issue is apparently with the master's certificate.
I cannot run any puppet cert clean operation, it will give the same error as before. $ puppet cert clean [Agent FQDN] Error: The certificate retrieved from the master does not match the agent's private key. Certificate fingerprint: 07:A8:41:FA:6D:00:3D:93:A3:74:CA:74:A3:6B:16:26:0A:A8:81:26:24:10:D7:D1:C4:70:60:AE:A5:68:D2:B0 To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate. On the master: puppet cert clean master.crownawards.com On the agent: rm -f /home/dpasacrita/.puppet/ssl/certs/master.crownawards.com.pem puppet agent -t On Monday, May 5, 2014 10:49:40 AM UTC-4, Felix.Frank wrote: > > What do you mean by "home directory"? > > To clean an agent's certificate, use puppet cert clean, but with with > the agent's FQDN as its argument, not the master's FQDN. > > On 05/05/2014 04:35 PM, Dan Pasacrita wrote: > > Well my thinking was that since the certificate is stored in the home > > directory, messing with the home directory somehow changed the masters > > certificate, which is why none of the agent's keys match it. I really > > don't know though, I'm kinda new to puppet and linux. In any case, I > > can't clean the agent certificates from the master since I can't run the > > command to do so, unless there's a way to do it manually. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3b37faf5-eb77-4abb-8284-7aae7e368391%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
