I am keen to get this to work, but can't seem to. Will this work with Mongrel and Apache as described at http://reductivelabs.com/trac/puppet/wiki/UsingMongrel ? Im using the EPEL puppet package versions 24.8-4 and simply can't get the client to retrieve the catalog from the "Development" server.
Could not retrieve catalog: Certificates were not trusted: tlsv1 alert unknown ca The clients have all been signed by the "Production" server, I've put ca_server = myProduction.Server.com in the client's puppet.conf. Is there any more detail to add to step 5. below? Thank you. On Nov 6, 9:38 pm, Dan Bode <d...@reductivelabs.com> wrote: > Hi Paul,, > > I just want to share how I have done this before. > > 1. Production server is the only certificate authority. > 2. Development server sets ca_server = false > 3. Development server calls puppetd --server production.server > 4. Development server now gets a copy of the production servers certificate > (ca.pem) > 5. Other machines must get signed by the prod server before they can call > the dev server (there is a ca_server command line argument) > > the puppet dev server ensures that any calling machines have been signed by > the production server (its ca). > > Can you try this setup and see if it resolves your issue? > > There is another thread of people discussing passenger issues. I will go > ahead and stage the passenger config with 25.1 this weekend. I will make a > post outlining my findings. > > hope this helps, > > Dan -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=.
