awesome! That works. --- Thanks,
Allan Marcus 505-667-5666 On Dec 4, 2009, at 10:12 AM, Silviu Paragina wrote: > Actually you only need to rm puppet/ssl/certs/client_name.pem > It's a bug in the 25 client that caches the signed certificate > received > from the server, even if it doesn't match it's own key. > > Silviu > > On 04.12.2009 18:45, Allan Marcus wrote: >> ug. I figured it out. >> >> Need to clean the cert on the server, then need to rm /etc/puppet/ssl >> again, then it works. >> >> --- >> Thanks, >> >> Allan Marcus >> 505-667-5666 >> >> >> >> On Dec 4, 2009, at 9:32 AM, Allan Marcus wrote: >> >> >>> I have 0.25.1 on client and server. >>> Everything is working fine. >>> I delete the /etc/puppet/ssl dir to simulate a machine rebuild >>> I run puppetd on the client and I get: >>> >>> debug: Using cached certificate for ca >>> debug: Using cached certificate for h09353by20h.lanl.gov >>> err: Could not request certificate: Retrieved certificate does not >>> match private key; please remove certificate from server and >>> regenerate it with the current key >>> Exiting; failed to retrieve certificate and watiforcert is disabled >>> >>> I've done a puppetca --clean h09353by20h.lanl.gov on the server, >>> but I >>> still get this message. >>> >>> Is there a cached server cert on the client I should be deleting? I >>> need to resolve this error as we are seeing it on more and more >>> machines. >>> >>> >>> --- >>> Thanks, >>> >>> Allan Marcus >>> 505-667-5666 >>> >>> >>> >>> -- >>> >>> You received this message because you are subscribed to the Google >>> Groups "Puppet Users" group. >>> To post to this group, send email to puppet-us...@googlegroups.com. >>> To unsubscribe from this group, send email to >>> puppet-users+unsubscr...@googlegroups.com >>> . >>> For more options, visit this group at >>> http://groups.google.com/group/puppet-users?hl=en >>> . >>> >>> >>> >> -- >> >> You received this message because you are subscribed to the Google >> Groups "Puppet Users" group. >> To post to this group, send email to puppet-us...@googlegroups.com. >> To unsubscribe from this group, send email to >> puppet-users+unsubscr...@googlegroups.com >> . >> For more options, visit this group at >> http://groups.google.com/group/puppet-users?hl=en >> . >> >> >> > > -- > > You received this message because you are subscribed to the Google > Groups "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en > . > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
