Everything I pasted was being run as root; I was logged in as root at the time.
Oh, and: it gets better. I stopped the puppetmaster, and now can't start it: $ puppetca --clean chain.digitalkingdom.org Removing /var/lib/puppet/ssl/ca/signed/chain.digitalkingdom.org.pem Removing /var/lib/puppet/ssl/public_keys/chain.digitalkingdom.org.pem Removing /var/lib/puppet/ssl/private_keys/chain.digitalkingdom.org.pem $ puppetca --clean chain.digitalkingdom.org Could not find client certificate or request for chain.digitalkingdom.org $ /etc/init.d/puppetmaster start Starting puppet configuration management tool master serverCertificate does not match private key. Try 'puppetca --clean chain.digitalkingdom.org' on the server. failed! $ puppetca --clean chain.digitalkingdom.org Removing /var/lib/puppet/ssl/ca/signed/chain.digitalkingdom.org.pem Removing /var/lib/puppet/ssl/public_keys/chain.digitalkingdom.org.pem Removing /var/lib/puppet/ssl/private_keys/chain.digitalkingdom.org.pem -Robin On Wed, Aug 12, 2009 at 05:06:36PM +0300, Silviu Paragina wrote: > > > This happens a lot for me. For the Ubuntu distro this happens when > I don't run via root/puppet. Usualy it's beacause the current user > doesn't have access to the certificates. Try a sudo puppetd --test > or sudo puppetd -tv if you wish. I'm guessing that it's you case > too. I get the same error when running without sudo (or init > scripts), and thow I recreate the certificate nothing happens. > > > > Silviu > > On Wed, 12 Aug 2009 01:03:02 -0700, Robin Lee Powell > <[email protected]> wrote: > > This is me trying to get my puppetmaster to work also as a client. > > I used to work, then I cleaned out all the certs by accident. -_- > > > > I can't find anything in the list about exactly this issue. Help, > > please? > > > > $ puppetd -tv > > warning: peer certificate won't be verified in this SSL session > > err: Could not request certificate: Certificate does not match private > key. > > Try 'puppetca --clean chain.digitalkingdom.org' on the server. > > $ puppetca --clean chain.digitalkingdom.org > > Removing /var/lib/puppet/ssl/ca/signed/chain.digitalkingdom.org.pem > > Removing /var/lib/puppet/ssl/public_keys/chain.digitalkingdom.org.pem > > Removing /var/lib/puppet/ssl/private_keys/chain.digitalkingdom.org.pem > > $ puppetca --list > > No certificates to sign > > $ puppetd -tv > > warning: peer certificate won't be verified in this SSL session > > notice: Did not receive certificate > > notice: Set to run 'one time'; exiting with no certificate > > $ puppetca --list > > chain.digitalkingdom.org > > $ puppetca --sign chain.digitalkingdom.org > > Signed chain.digitalkingdom.org > > $ puppetca --list > > No certificates to sign > > $ puppetd -tv > > warning: peer certificate won't be verified in this SSL session > > info: Creating a new SSL key at > > /var/lib/puppet/ssl/private_keys/chain.digitalkingdom.org.pem > > err: Could not request certificate: Certificate does not match private > key. > > Try 'puppetca --clean chain.digitalkingdom.org' on the server. > > > > -Robin > > > > -- They say: "The first AIs will be built by the military as weapons." And I'm thinking: "Does it even occur to you to try for something other than the default outcome?" See http://shrunklink.com/cdiz http://www.digitalkingdom.org/~rlpowell/ *** http://www.lojban.org/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
