Brian, Login to your second puppetmaster and try the following:
- backup your /var/lib/puppet and /etc/puppet dirs - stop your puppetmaster and puppetd processes - rm -rf /var/lib/puppet/ssl - edit your /etc/puppet.conf - under the [main] section add: ca = false ca_server = <fqdn of your first puppetmaster> - on your first puppet master do puppetca --clean <fqdn of second puppetmaster> - run puppetd on this machine - e.g. - puppetd -t --server <fqdn of your first puppetmaster> - sign the certificate on the first puppetmaster - start puppetmaster Hope this helps, Ohad On Thu, Apr 22, 2010 at 10:18 AM, Brian L. <brianc...@gmail.com> wrote: > I am stomped. > > > I wonder if there is any way to hack to turn off ssl because I need to > really get this to work for the my company before the first puppetmasterd > kneel over. We are running puppet w/i our internal > network so I can give up security / ssl to get it to work. > > I am desperate enough to start hacking. Any pointers where to start? I > will revisit the ssl cert at a later time. > > Brian L. > > > > On Wed, Apr 21, 2010 at 6:04 PM, Brian L. <brianc...@gmail.com> wrote: > >> Markus, >> >> thank you. Let me give that a try and let you know. So sorry for all the >> typo. >> >> Brian L. >> >> >> >> On Wed, Apr 21, 2010 at 5:23 PM, Markus Roberts <mar...@puppetlabs.com>wrote: >> >>> Brian -- >>> >>> It isn't trusting it because the second puppetmaster is claiming to be >>> the first puppetmaster, which it isn't (the same way a bank would squawk if >>> you tried to cash a check with a copy of someone else's ID). Have it >>> generate a certificate for the second puppetmaster (probably using the first >>> as the CA) and see if that fixes it. >>> >>> -- Markus >>> >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Puppet Developers" group. >>> To post to this group, send email to puppet-...@googlegroups.com. >>> To unsubscribe from this group, send email to >>> puppet-dev+unsubscr...@googlegroups.com<puppet-dev%2bunsubscr...@googlegroups.com> >>> . >>> For more options, visit this group at >>> http://groups.google.com/group/puppet-dev?hl=en. >>> >> >> > -- > You received this message because you are subscribed to the Google Groups > "Puppet Developers" group. > To post to this group, send email to puppet-...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-dev+unsubscr...@googlegroups.com<puppet-dev%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-dev?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
