Re: [Puppet Users] Windows node fails to request certificate (SSL error)
I left the node running overnight with the puppet service enabled. This morning it was working normally, so I did not have a chance to do any further experiments. This is similar to what happened on the other nodes, and leads me back to the suspicion that it has something to do with the time sync of the nodes. The master is synced via NTP, but these nodes do not have an accessible timeserver (that's what puppet is supposed to add...), so they started out with a considerable drift in either direction from the current time (up to 10 minutes). This second attempt that worked after waiting overnight was after a clean install with the time already manually synced. The master is running 3.1.0. The Windows nodes have agent 3.3.1 I also upgraded to 3.3.2 on this particular node in question. Dan On Thursday, December 5, 2013 4:58:03 PM UTC-5, Rob Reynolds wrote: > > Dan, > Thanks for the detailed question. What version of Puppet agent do you have > installed? > > On Thu, Dec 5, 2013 at 9:29 AM, > wrote: > >> I am mostly using Puppet for Linux nodes, but I have started deploying it >> on a handful of Windows nodes, but seem to run into SSL problems every time >> on the initial deployment. I think I have hit this error on all three nodes >> so far, but currently two are working and one is not. All three nodes are >> virtually identical servers running Windows Server 2012 R2. >> >> [0;36mDebug: Failed to load library 'syslog' for feature 'syslog' [0m >> [0;36mDebug: Failed to load library 'selinux' for feature 'selinux' [0m >> [0;36mDebug: Using settings: adding file resource 'confdir': >> 'File[C:/ProgramData/PuppetLabs/puppet/etc]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc", >> >> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' >> [0m >> [0;36mDebug: Using settings: adding file resource 'vardir': >> 'File[C:/ProgramData/PuppetLabs/puppet/var]{:path=>"C:/ProgramData/PuppetLabs/puppet/var", >> >> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' >> [0m >> [0;36mDebug: Using settings: adding file resource 'logdir': >> 'File[C:/ProgramData/PuppetLabs/puppet/var/log]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/log", >> >> :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, >> :backup=>false}' [0m >> [0;36mDebug: Using settings: adding file resource 'statedir': >> 'File[C:/ProgramData/PuppetLabs/puppet/var/state]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/state", >> >> :mode=>"1755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, >> :backup=>false}' [0m >> [0;36mDebug: Using settings: adding file resource 'rundir': >> 'File[C:/ProgramData/PuppetLabs/puppet/var/run]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/run", >> >> :mode=>"755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, >> :backup=>false}' [0m >> [0;36mDebug: Using settings: adding file resource 'libdir': >> 'File[C:/ProgramData/PuppetLabs/puppet/var/lib]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/lib", >> >> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' >> [0m >> [0;36mDebug: Using settings: adding file resource 'certdir': >> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs", >> >> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' >> [0m >> [0;36mDebug: Using settings: adding file resource 'ssldir': >> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl", >> >> :mode=>"771", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, >> :backup=>false}' [0m >> [0;36mDebug: Using settings: adding file resource 'publickeydir': >> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys", >> >> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' >> [0m >> [0;36mDebug: Using settings: adding file resource 'requestdir': >> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests", >> >> :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' >> [0m >> [0;36mDebug: Using settings: adding file resource 'privatekeydir': >> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys", >> >> :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, >> :backup=>false}' [0m >> [0;36mDebug: Using settings: adding file resource 'privatedir': >> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private", >> >> :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, >> :backup=>false}' [0m >> [0;36mDebug: Using settings: adding file resource 'hostprivkey': >> 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem]{:path
Re: [Puppet Users] Windows node fails to request certificate (SSL error)
Dan, Thanks for the detailed question. What version of Puppet agent do you have installed? On Thu, Dec 5, 2013 at 9:29 AM, wrote: > I am mostly using Puppet for Linux nodes, but I have started deploying it > on a handful of Windows nodes, but seem to run into SSL problems every time > on the initial deployment. I think I have hit this error on all three nodes > so far, but currently two are working and one is not. All three nodes are > virtually identical servers running Windows Server 2012 R2. > > [0;36mDebug: Failed to load library 'syslog' for feature 'syslog' [0m > [0;36mDebug: Failed to load library 'selinux' for feature 'selinux' [0m > [0;36mDebug: Using settings: adding file resource 'confdir': > 'File[C:/ProgramData/PuppetLabs/puppet/etc]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc", > :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' > [0m > [0;36mDebug: Using settings: adding file resource 'vardir': > 'File[C:/ProgramData/PuppetLabs/puppet/var]{:path=>"C:/ProgramData/PuppetLabs/puppet/var", > :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' > [0m > [0;36mDebug: Using settings: adding file resource 'logdir': > 'File[C:/ProgramData/PuppetLabs/puppet/var/log]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/log", > :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, > :backup=>false}' [0m > [0;36mDebug: Using settings: adding file resource 'statedir': > 'File[C:/ProgramData/PuppetLabs/puppet/var/state]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/state", > :mode=>"1755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, > :backup=>false}' [0m > [0;36mDebug: Using settings: adding file resource 'rundir': > 'File[C:/ProgramData/PuppetLabs/puppet/var/run]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/run", > :mode=>"755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, > :backup=>false}' [0m > [0;36mDebug: Using settings: adding file resource 'libdir': > 'File[C:/ProgramData/PuppetLabs/puppet/var/lib]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/lib", > :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' > [0m > [0;36mDebug: Using settings: adding file resource 'certdir': > 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs", > :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' > [0m > [0;36mDebug: Using settings: adding file resource 'ssldir': > 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl", > :mode=>"771", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, > :backup=>false}' [0m > [0;36mDebug: Using settings: adding file resource 'publickeydir': > 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys", > :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' > [0m > [0;36mDebug: Using settings: adding file resource 'requestdir': > 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests", > :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' > [0m > [0;36mDebug: Using settings: adding file resource 'privatekeydir': > 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys", > :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, > :backup=>false}' [0m > [0;36mDebug: Using settings: adding file resource 'privatedir': > 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private", > :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, > :backup=>false}' [0m > [0;36mDebug: Using settings: adding file resource 'hostprivkey': > 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem", > :mode=>"600", :ensure=>:file, :loglevel=>:debug, :links=>:follow, > :backup=>false}' [0m > [0;36mDebug: Using settings: adding file resource 'hostpubkey': > 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys/testnode1.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys/testnode1.pem", > :mode=>"644", :ensure=>:file, :loglevel=>:debug, :links=>:follow, > :backup=>false}' [0m > [0;36mDebug: Using settings: adding file resource 'localcacert': > 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs/ca.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs/ca.pem", > :mode=>"644", :ensure=>:file, :loglevel=>:debug, :links=>:follow, > :backup=>false}' [0m > [0;36mDebug: Using settings: adding file resource 'clientyamldir': > 'File[C:/ProgramData/PuppetLabs/puppet/var/client_yaml]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/client_yaml", > :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, > :backup=>false}' [0m
[Puppet Users] Windows node fails to request certificate (SSL error)
I am mostly using Puppet for Linux nodes, but I have started deploying it on a handful of Windows nodes, but seem to run into SSL problems every time on the initial deployment. I think I have hit this error on all three nodes so far, but currently two are working and one is not. All three nodes are virtually identical servers running Windows Server 2012 R2. [0;36mDebug: Failed to load library 'syslog' for feature 'syslog' [0m [0;36mDebug: Failed to load library 'selinux' for feature 'selinux' [0m [0;36mDebug: Using settings: adding file resource 'confdir': 'File[C:/ProgramData/PuppetLabs/puppet/etc]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'vardir': 'File[C:/ProgramData/PuppetLabs/puppet/var]{:path=>"C:/ProgramData/PuppetLabs/puppet/var", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'logdir': 'File[C:/ProgramData/PuppetLabs/puppet/var/log]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/log", :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'statedir': 'File[C:/ProgramData/PuppetLabs/puppet/var/state]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/state", :mode=>"1755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'rundir': 'File[C:/ProgramData/PuppetLabs/puppet/var/run]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/run", :mode=>"755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'libdir': 'File[C:/ProgramData/PuppetLabs/puppet/var/lib]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/lib", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'certdir': 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'ssldir': 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl", :mode=>"771", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'publickeydir': 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'requestdir': 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certificate_requests", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'privatekeydir': 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys", :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'privatedir': 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private", :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'hostprivkey': 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/private_keys/testnode1.pem", :mode=>"600", :ensure=>:file, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'hostpubkey': 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys/testnode1.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/public_keys/testnode1.pem", :mode=>"644", :ensure=>:file, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'localcacert': 'File[C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs/ca.pem]{:path=>"C:/ProgramData/PuppetLabs/puppet/etc/ssl/certs/ca.pem", :mode=>"644", :ensure=>:file, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'clientyamldir': 'File[C:/ProgramData/PuppetLabs/puppet/var/client_yaml]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/client_yaml", :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}' [0m [0;36mDebug: Using settings: adding file resource 'client_datadir': 'File[C:/ProgramData/PuppetLabs/puppet/var/client_data]{:path=>"C:/ProgramData/PuppetLabs/puppet/var/client_data", :mo