This issue seems to still manifest itself in 0.25.1. And I think I can easly reproduce it. Shall I post the details (new ticket on redmine) or it's already fixed? Redmine doesn't return anything if I search for "Retrieved certificate does not match private key". The reason for this is the way a client retrieves its signed certificate from the server..
Silviu PS sorry for replying to such an old post, but since it's a bug I think it's excusable... On 14.10.2009 23:47, James Turnbull wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Matt wrote: > >> FWIW - >> >> I currently see this error on around 30% of our EC2 nodes since moving >> to 0.25. We also use the rpm's provided for both client and master. >> The fix is for us to log on to the EC2 node, remove the cert, run a >> puppetca --clean on the master for the hostname, and then start puppet >> again on the client. >> >> I haven't had time to figure out was going on yet, but it feels like >> the first poll is somehow generating a bad key. >> > Have you logged a ticket? > > Could I ask you and/or Douglas to please log one with the client and > server logs showing the error (please run Puppet with --trace > - --verbose --debug). > > http://projects.reductivelabs.com/projects/puppet/issues/new > > Thanks > > James Turnbull > > - -- > Author of: > * Pro Linux Systems Administration (http://tinyurl.com/linuxadmin) > * Pulling Strings with Puppet (http://tinyurl.com/pupbook) > * Pro Nagios 2.0 (http://tinyurl.com/pronagios) > * Hardening Linux (http://tinyurl.com/hardeninglinux) > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (Darwin) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iQEVAwUBStY43iFa/lDkFHAyAQK4DwgAwXb4c2CEQG5iEkdFF+h7vOFK8cg9a0Rx > I1gJYuvCAX2D7ocSqL0keoHUG/3MVsRjICKalnuMg1yWzroGl7Wg66VH67TyawQi > eGGfWGT/6VLFmhsHL3prPc7prSq65yawOKfl2HvuIbmxHK4CR8h3pxVFJ6uDb2Hq > KzuRFSYuJfFCw/f1RduZDRLmPwUbA8xpyPiXfWgsVsL9NDap+5SHYM9x100y5Cs0 > KsH5SGaVoOZCy5/1Pgi4SghT2QGUzm0/1ZZiJQJcqr3yT52H+QMS5aQR9EnFIBix > FmPjTMhnS3Ng+WZV+XwWCLFDtZuXB1EWARvJsNkMg9t7XXnpgg8WkA== > =YR9f > -----END PGP SIGNATURE----- > > --~--~---------~--~----~------------~-------~--~----~ > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en > -~----------~----~----~----~------~----~------~--~--- > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
