2009/6/8 Arnau Bria <arnaub...@pic.es>:
>
> Hi all,
>
> we're doing some test with new puppet server and we'd like to run many
> clients against this new server.
> So I tried to stop puppetd (or cron) in one client and run it by hand
> like:
>
> /usr/bin/ruby /usr/sbin/puppetd --server=new_server.domain.com --test
>
> but I get:
> warning: Certificate validation failed; consider using the certname
> configuration option
> err: Could not retrieve catalog: Certificates were not trusted: certificate
> verify failed
> warning: Not using cache on failed catalog
>
>
> So, from the client side, how may I clean cert conf with previous
> server?
>
> TIA,
> Arnau
>
changing $ssldir in puppet.conf might be a better / more flexible
solution if you want to go back and forth between the two puppet
servers.
Otherwise, within $ssldir, files that matter:
./private_keys/${fqdn}.pem
./certs/${fqdn}.pem
./certs/ca.pem
./${fqdn}.pem
./public_keys/${fqdn}.pem
A third option would be to put the contents of ca.pem from both
puppetmasters on each puppetmaster and client. Not sure if that'll
work, in particular if you're using webrick. YMMV.
.r'
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
