subject:"\[Puppet Users\] Re\: error on puppet 25.4 with passenger 2.2.2"

Re: [Puppet Users] Re: error on puppet 25.4 with passenger 2.2.2

2010-02-09 Thread Isaac Christoffersen

Aha!  Fixes my problem too.  I knew if I procrastinated enough someone
would find an answer.  :-)

On Tue, Feb 9, 2010 at 2:54 AM, Christophe Bonnaud  wrote:
> On Feb 9, 9:50 am, Eric Sorenson  wrote:
>> On Feb 8, 2010, at 4:20 PM, Christophe Bonnaud wrote:
>>
>>
>>
>>
>>
>> >> I've seen the same thing with my setup...the solution for me was to
>> >> put the "RequestHeader" lines found on the Puppet Passenger wiki page
>> >> (http://www.reductivelabs.com/trac/puppet/wiki/UsingPassenger) into my
>> >> Apache virtual host config:
>>
>> >>         RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
>> >>         RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
>> >>         RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
>>
>> >> ...not sure why that section isn't included in the provided template
>> >> (./ext/rack/files/apache2.conf) from the puppet sources (I'm using
>> >> v0.25.4), but adding them fixed things up for me. Note that I also
>> >> don't have an auth.conf file, and even if I add one and take these
>> >> lines out, I'm back to getting the "err: Could not retrieve catalog
>> >> from remote server: Error 403 on SERVER:" message. Hope that helps!
>>
>> > Indeed this was the solution... thanks so much for your help!!
>> > I'm agree it's strange that those lines are not in the provided
>> > template...
>> > Anyone know why?
>>
>> The documented suggestion -- though I agree it's not on the wiki page; once 
>> we resolve this question here I'd be happy to update UsingPassenger this as 
>> I've just gone through it myself -- is to go at it from the other direction. 
>> Instead of changing apache to match puppet's defaults, you tell puppet the 
>> names of the apache variables:
>>
>> (from ext/rack/README)
>> Required puppet.conf settings:
>>   [puppetmasterd]
>>     ssl_client_header = SSL_CLIENT_S_DN
>>     ssl_client_verify_header = SSL_CLIENT_VERIFY
>>
>> Then the required httpd.conf line is just
>>   SSLOptions +StdEnvVars
>>
>> which *is* in the config file in the distribution.
>>
>> I'm not enough of an expert to know whether one is preferable to the other, 
>> though.
>>
>> -=Eric
>
>
> hum yes indeed it works fine in that way too. I though I already tried
> that because I saw that in the documentation but I may have done
> something else wrong at this moment...
> Thanks Eric!
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-us...@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: error on puppet 25.4 with passenger 2.2.2

2010-02-08 Thread Christophe Bonnaud

On Feb 9, 9:50 am, Eric Sorenson  wrote:
> On Feb 8, 2010, at 4:20 PM, Christophe Bonnaud wrote:
>
>
>
>
>
> >> I've seen the same thing with my setup...the solution for me was to
> >> put the "RequestHeader" lines found on the Puppet Passenger wiki page
> >> (http://www.reductivelabs.com/trac/puppet/wiki/UsingPassenger) into my
> >> Apache virtual host config:
>
> >>         RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
> >>         RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
> >>         RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
>
> >> ...not sure why that section isn't included in the provided template
> >> (./ext/rack/files/apache2.conf) from the puppet sources (I'm using
> >> v0.25.4), but adding them fixed things up for me. Note that I also
> >> don't have an auth.conf file, and even if I add one and take these
> >> lines out, I'm back to getting the "err: Could not retrieve catalog
> >> from remote server: Error 403 on SERVER:" message. Hope that helps!
>
> > Indeed this was the solution... thanks so much for your help!!
> > I'm agree it's strange that those lines are not in the provided
> > template...
> > Anyone know why?
>
> The documented suggestion -- though I agree it's not on the wiki page; once 
> we resolve this question here I'd be happy to update UsingPassenger this as 
> I've just gone through it myself -- is to go at it from the other direction. 
> Instead of changing apache to match puppet's defaults, you tell puppet the 
> names of the apache variables:
>
> (from ext/rack/README)
> Required puppet.conf settings:
>   [puppetmasterd]
>     ssl_client_header = SSL_CLIENT_S_DN
>     ssl_client_verify_header = SSL_CLIENT_VERIFY
>
> Then the required httpd.conf line is just
>   SSLOptions +StdEnvVars
>
> which *is* in the config file in the distribution.  
>
> I'm not enough of an expert to know whether one is preferable to the other, 
> though.  
>
> -=Eric


hum yes indeed it works fine in that way too. I though I already tried
that because I saw that in the documentation but I may have done
something else wrong at this moment...
Thanks Eric!

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: error on puppet 25.4 with passenger 2.2.2

2010-02-08 Thread Eric Sorenson


On Feb 8, 2010, at 4:20 PM, Christophe Bonnaud wrote:

>> I've seen the same thing with my setup...the solution for me was to
>> put the "RequestHeader" lines found on the Puppet Passenger wiki page
>> (http://www.reductivelabs.com/trac/puppet/wiki/UsingPassenger) into my
>> Apache virtual host config:
>> 
>> RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
>> RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
>> RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
>> 
>> ...not sure why that section isn't included in the provided template
>> (./ext/rack/files/apache2.conf) from the puppet sources (I'm using
>> v0.25.4), but adding them fixed things up for me. Note that I also
>> don't have an auth.conf file, and even if I add one and take these
>> lines out, I'm back to getting the "err: Could not retrieve catalog
>> from remote server: Error 403 on SERVER:" message. Hope that helps!
> 
> Indeed this was the solution... thanks so much for your help!!
> I'm agree it's strange that those lines are not in the provided
> template...
> Anyone know why?


The documented suggestion -- though I agree it's not on the wiki page; once we 
resolve this question here I'd be happy to update UsingPassenger this as I've 
just gone through it myself -- is to go at it from the other direction. Instead 
of changing apache to match puppet's defaults, you tell puppet the names of the 
apache variables:

(from ext/rack/README)
Required puppet.conf settings:
  [puppetmasterd]
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY


Then the required httpd.conf line is just
  SSLOptions +StdEnvVars

which *is* in the config file in the distribution.  

I'm not enough of an expert to know whether one is preferable to the other, 
though.  


-=Eric

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: error on puppet 25.4 with passenger 2.2.2

2010-02-08 Thread Christophe Bonnaud

On Feb 9, 6:20 am, Aaron Schaefer  wrote:
> On Feb 8, 3:18 am, Christophe Bonnaud  wrote:
>
> > so I have obviously an authorization problem, but i cannot find the
> > solution to this problem...
>
> > Does anyone have a suggestion?
>
> I've seen the same thing with my setup...the solution for me was to
> put the "RequestHeader" lines found on the Puppet Passenger wiki page
> (http://www.reductivelabs.com/trac/puppet/wiki/UsingPassenger) into my
> Apache virtual host config:
>
>         RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
>         RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
>         RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e
>
> ...not sure why that section isn't included in the provided template
> (./ext/rack/files/apache2.conf) from the puppet sources (I'm using
> v0.25.4), but adding them fixed things up for me. Note that I also
> don't have an auth.conf file, and even if I add one and take these
> lines out, I'm back to getting the "err: Could not retrieve catalog
> from remote server: Error 403 on SERVER:" message. Hope that helps!

Indeed this was the solution... thanks so much for your help!!
I'm agree it's strange that those lines are not in the provided
template...
Anyone know why?

>
> --
> Aaron "ElasticDog" Schaefer

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: error on puppet 25.4 with passenger 2.2.2

2010-02-08 Thread Aaron Schaefer

On Feb 8, 3:18 am, Christophe Bonnaud  wrote:
> so I have obviously an authorization problem, but i cannot find the
> solution to this problem...
>
> Does anyone have a suggestion?


I've seen the same thing with my setup...the solution for me was to
put the "RequestHeader" lines found on the Puppet Passenger wiki page
(http://www.reductivelabs.com/trac/puppet/wiki/UsingPassenger) into my
Apache virtual host config:

RequestHeader set X-SSL-Subject %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-DN %{SSL_CLIENT_S_DN}e
RequestHeader set X-Client-Verify %{SSL_CLIENT_VERIFY}e

...not sure why that section isn't included in the provided template
(./ext/rack/files/apache2.conf) from the puppet sources (I'm using
v0.25.4), but adding them fixed things up for me. Note that I also
don't have an auth.conf file, and even if I add one and take these
lines out, I'm back to getting the "err: Could not retrieve catalog
from remote server: Error 403 on SERVER:" message. Hope that helps!

--
Aaron "ElasticDog" Schaefer

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: error on puppet 25.4 with passenger 2.2.2

[Puppet Users] Re: error on puppet 25.4 with passenger 2.2.2

Re: [Puppet Users] Re: error on puppet 25.4 with passenger 2.2.2

[Puppet Users] Re: error on puppet 25.4 with passenger 2.2.2

[Puppet Users] Re: error on puppet 25.4 with passenger 2.2.2

5 matches

Site Navigation

Mail list logo

Footer information