On Jun 27, 2010, at 12:50 PM, Douglas Garstang wrote:
On Sun, Jun 27, 2010 at 12:47 PM, Douglas Garstang
doug.garst...@gmail.com wrote:
On Sun, Jun 27, 2010 at 12:34 PM, Douglas Garstang
doug.garst...@gmail.com wrote:
Here we go with puppet 0.25 certificate problems again.
I had a system where puppet was running fine. I reinstalled it.
Running puppet on the client causes this:
Could not request certificate: Retrieved certificate does not match
private key; please remove certificate from server and regenerate it
with the current key.
Fine... so I run 'puppetca --clean kick01.fr.xxx.com' on the server,
who responds with:
[r...@inst01 puppet]# puppetca --clean kick01.fr.xxx.com
kick01.fr.xxx.com
notice: Removing file Puppet::SSL::Certificate kick01.fr.xxx.com at
'/var/lib/puppet/ssl/ca/signed/kick01.fr.xxx.com.pem'
I then rerun puppet on the client and I am getting the same error. I
must have done this hundreds of times with 0.24.8. What am I doing
wrong now?
Doug.
*sigh*
On the client, I removed the puppet rpm, blew away /var/lib/puppet,
and reinstalled the puppet rpm again. Started puppet, it requested a
certificate (but it logged nothing on the client about it, even in
debug mode), signed it on the server, and I am still getting this on
the client.
warning: peer certificate won't be verified in this SSL session
info: Caching certificate for kick01.fr.xxx.com
err: Could not request certificate: Retrieved certificate does not
match private key; please remove certificate from server and
regenerate it with the current key
*sigh*
Puppet is on crack. Even when the server isn't running, I STILL get this
error!
I think I know what the problem is. I ran into this exact error message
before. Try this:
Step 1, run this on client:
service puppet stop
rm -R /var/lib/puppet
Step 2, run this on server:
puppetca --clean kick01.fr.xxx.com #Make sure to change this back
Step 3, run this on client:
#Restart the client how ever you like. I recommend this for testing:
puppetd --test --verbose --debug
I'm pretty sure this will work. If it does, I'll by happy to explain why you
got all those different error messages.
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To post to this group, send email to puppet-us...@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.