on my puppetmaster server I have an extra dir: /etc/puppet/client
In the /etc/puppet/puppet.conf I have a section for the client:
[puppetd]
server = puppet.mycompany.com
# do not change this since this machine is the server
factsync = false
# Where SSL certificates are kept.
# The default value is '$confdir/ssl'.
# since this is the puppet server, we need a seperate dir for
these files
ssldir = /etc/puppet/client/ssl
---
Thanks,
Allan Marcus
505-667-5666
On Sep 8, 2009, at 10:24 AM, Keith Edmunds wrote:
>
> Is is possible to have a puppetmaster that is a client of a different
> puppetmaster? We manage our customers' server via puppet, but one
> customer
> has a puppetmaster server which looks after their internal systems.
> We've
> tried the following in /etc/puppet/puppet.conf ("customer" and "us"
> replacing the domain names) on their puppetmaster:
>
> [puppetmasterd]
> certname = puppetmaster.customer.com
> templatedir=/var/lib/puppet/templates
>
> [puppetd]
> server = puppetmaster.us.com
> certname = puppetmaster.us.com
>
> When we run "puppetd -t" on that server, we get:
>
> # puppetd -t
>
> warning: Certificate validation failed; consider using the certname
> configuration option
>
> err: Could not retrieve catalog: Certificates were not trusted:
> SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B:
> certificate verify failed
>
> warning: Not using cache on failed catalog
>
> Is there a way around this?
>
> Thanks,
> Keith
>
> >
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
