Dear everyone! I’ve been suffering all week to fix all manner of SSL issues on my test setup, not realizing that it was my puppet master where I had made a mistake. I’ve spoken to people in the IRC room for long enough to know that a lot of people have this problem, so I’ve come up with a quick and dirty hack, that has FIXED all 4 test setups I built. If you getting that dreaded hostname not matching SSL certificate or other, and your puppet server IS NOT a production server then you go do what I did ☺
• Okay, first nuke both SSL directories, on puppetmaster and client, I did #] mv ssl sslbackup • Make sure puppet is NOT running on the client • Make sure that the puppet master hostname is what you expect it to be, (google change linux hostname, to be SURE) • Add an entry to puppet client host file, to force it to go to the right server – Or you can update your DNS and wait for it to propagate • On client: #] puppetd --waitforcert 60 --test --server host.domainname.com, • On server: #] puppetca –list • On the server you should see -- puppetclient.domain.com • On server #] puppetca –sign puppetclient.domain.com At this point your puppetclient should ‘give in’ and for ever be linked with your puppet master to do it’s bidding when called upon! Don’t forget to restart puppet on the client If anyone has anything to add, or if I got this completely wrong, feel free to flame the crap out of me, at least we all learn together – and I was actually able to make a contribution pretty quick in my puppet career ☺ Have a good weekend! -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
