Oh, I also found that I get this error on the client when the server isn't even running. Huh? I mean, I have a cleanly installed system, with a genconf generated puppet.conf and it complains about server keys being wrong, when the server isn't up. Something is seriously screwed here.
On Tue, Oct 13, 2009 at 12:24 PM, Douglas Garstang <doug.garst...@gmail.com> wrote: > I removed /var/lib/puppet too. > > On Tue, Oct 13, 2009 at 11:31 AM, Joe McDonagh > <joseph.e.mcdon...@gmail.com> wrote: >> >> Douglas Garstang wrote: >>> I've been tearing my hair out since 1am this morning trying to get the >>> puppet server and client to communicate. >>> >>> The latest chapter in this epic saga has this coming up on the client >>> each time I run puppetd: >>> >>> Could not prepare for execution: Retrieved certificate does not match >>> private key; please remove certificate from server and regenerate it >>> with the current key >>> >>> I know it's not a client issue because I've re-imaged the client, and >>> used a default standard puppet.conf generated with --genconf. >>> >>> On the server side, I've removed the puppetmaster rpm, cleared all the >>> directories, reinstalled the rpm and and regenerated a default >>> puppet.conf with puppetmasterd --genconf. What is quite disconcerting >>> is that puppet can't create it's own directories in a lot of cases... >>> >>> /usr/lib/ruby/site_ruby/1.8/puppet/util/pidlock.rb:33:in `initialize': >>> Permission denied - /var/puppet/run/puppetmasterd.pid (Errno::EACCES) >>> >>> ... which leaves me wondering what else is screwed up. Yes, I am >>> running as root. Anyway, after manually creating /var/puppet/run and >>> chowning it to puppet, puppetmaster starts. I don't know where else to >>> look. As said, cleared all files on server, reinstalled, re-imaged >>> client. What am I missing? Puppet version is 0.25rc1. >>> >>> Doug. >>> >>> > >>> >> Depending on how you removed the RPM on the master, you may have SSL >> certificates still hanging out under /var/lib/puppet/ssl. That's why the >> certificate it serves doesn't match the new private key. >> >> -- >> Joe McDonagh >> Operations Engineer >> www.colonfail.com >> >> >> >> >> > > > > -- > Regards, > > Douglas Garstang > http://www.linkedin.com/in/garstang > Email: doug.garst...@gmail.com > Cell: +1-805-340-5627 > -- Regards, Douglas Garstang http://www.linkedin.com/in/garstang Email: doug.garst...@gmail.com Cell: +1-805-340-5627 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
