Public bug reported:

Binary package hint: puppet

There is a bug in the default apache puppetmaster vhost that's included
in the package.

#  puppetd --server puppet.fqdn --waitforcert 60 --no-usecacheonfailure
err: Could not retrieve catalog from remote server: SSL_connect returned=1 
errno=0 state=SSLv3 read server session ticket A: tlsv1 alert decrypt error
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
#


This is easily fixed but it should be changed in the package too:

# mkdir /var/lib/puppet/ssl/ca/crl
# chown -R puppet:puppet /var/lib/puppet/ssl/ca/crl
# grep -i SSLCARevocation /etc/apache2/sites-enabled/puppetmaster 
        # default: SSLCARevocationFile     /var/lib/puppet/ssl/ca/ca_crl.pem
        SSLCARevocationPath     /var/lib/puppet/ssl/ca/crl

** Affects: puppet (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to puppet in ubuntu.
https://bugs.launchpad.net/bugs/722594

Title:
  tlsv1 alert decrypt error

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

Reply via email to