Hi, Having followed a tutorial[1], I have puppetmaster successfully set up on my LAN and my two local machines pulling /etc/hosts from it.
I would like to use Puppet to manage a machine sitting on another LAN, accessed across the internet. I am struggling to get this to work, seemingly because of the discrepancies between FQDNs. puppetmaster is running on "europa.kp113.lan" within my local network, and is accessible externally via XYZ.ath.cx:8140. The remote Puppet client is running on "ganymede.lp12.lan" within the remote LAN, and is configured to find the server at XYZ.ath.cx. I have signed the certificate for "ganymede.lp12.lan" on the master. Subsequent Puppet runs on the remote client give me this: # puppetd --test --debug --server XYZ.ath.cx ... debug: Calling puppetca.getcert warning: peer certificate won't be verified in this SSL session notice: Got signed certificate ... info: Retrieving plugins debug: Calling fileserver.list warning: Certificate validation failed; consider using the certname configuration option err: /File[/var/lib/puppet/lib]: Failed to generate additional resources during transaction: Certificates were not trusted: hostname was not match with the server certificate I have tried fiddling with the "certname" configuration option at both ends, but I can't seem to get both local clients and the remote client working at the same time by doing so. I have Googled, looked at the Reductive Labs Puppet FAQ[2], searched this group and consulted the "External Nodes" wiki page[3] for pointers to no avail. All three machines concerned are running Ubuntu 9.10. Any assistance in completing the setup described above would be greatly appreciated. Cheers, Alex [1] http://www.devco.net/pubwiki/Puppet/GettingStarted [2] http://reductivelabs.com/trac/puppet/wiki/FrequentlyAskedQuestions [3] http://www.reductivelabs.com/trac/puppet/wiki/ExternalNodes
-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
