On Monday, May 5, 2014 10:25:50 AM UTC-5, Felix.Frank wrote:
Ah, so you're running the master from an unprivileged user. That makes a
lot of sense now.
Maybe. It is normal to run the *master* as an unprivileged user. The
master does not store anything in its home directory in that
On 05/06/2014 04:56 PM, jcbollinger wrote:
Ah, so you're running the master from an unprivileged user. That
makes a
lot of sense now.
Maybe. It is normal to run the /master/ as an unprivileged user. The
master does not store anything in its home directory in that case,
So for whatever reason I've been seeing this error. I'll usually see it
when doing puppet commands like puppet agent -t or puppet cert clean
[Agent Hostname].
Error: Could not request certificate: The certificate retrieved from the
master does not match the agent's private key.
Certificate
Hi,
first off, because your post is really, really confusing: Is this the
agent running on the master machine? Or are other agents afflicted as well?
On 05/05/2014 04:04 PM, Dan Pasacrita wrote:
So for whatever reason I've been seeing this error. I'll usually see it
when doing puppet commands
Hey, sorry, I kinda posted this in a hurry since I've been taking a ton of
calls during, sorry about that. This error is occurring with every single
agent apparently, including the agent on the master machine.
On Monday, May 5, 2014 10:07:31 AM UTC-4, Felix.Frank wrote:
Hi,
first off,
Okay, thanks.
I don't really see how messing up permissions on the master would cause
such behavior.
Generally, the error means that your agent has lost its private key,
generated a new one, yet the master still retains a certificate it has
signed for use with an older private (agent) key.
To
Well my thinking was that since the certificate is stored in the home
directory, messing with the home directory somehow changed the masters
certificate, which is why none of the agent's keys match it. I really don't
know though, I'm kinda new to puppet and linux. In any case, I can't clean
What do you mean by home directory?
To clean an agent's certificate, use puppet cert clean, but with with
the agent's FQDN as its argument, not the master's FQDN.
On 05/05/2014 04:35 PM, Dan Pasacrita wrote:
Well my thinking was that since the certificate is stored in the home
directory,
By home directory I mean /home, where the directory /home/dpasacrita, and
where (importantly) /home/dpasacrita/.puppet is. This is where the
certificates are stored if I'm understanding this right, and this issue is
apparently with the master's certificate.
I cannot run any puppet cert clean
Ah, so you're running the master from an unprivileged user. That makes a
lot of sense now.
And yes, this is most disturbing.
Would it be feasible to renew all your certificates? Because the current
state looks messed up beyond reason :-)
Cheers,
Felix
On 05/05/2014 05:03 PM, Dan Pasacrita
10 matches
Mail list logo
