On Nov 13, 2010, at 4:48 PM, Marek Dohojda wrote: > further research on this: > I think the issue is with the certificates. Although I have no idea what. I > removed /var/lib/puppet/ssl directory and recreated it. When a client tries > to get catalog I get the following error: > [2010-11-13 19:31:22] ERROR OpenSSL::SSL::SSLError: tlsv1 alert unknown ca > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:44:in > `accept' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:44:in > `listen' > /usr/lib/ruby/1.8/webrick/server.rb:173:in `call' > /usr/lib/ruby/1.8/webrick/server.rb:173:in `start_thread' > /usr/lib/ruby/1.8/webrick/server.rb:162:in `start' > /usr/lib/ruby/1.8/webrick/server.rb:162:in `start_thread' > /usr/lib/ruby/1.8/webrick/server.rb:95:in `start' > /usr/lib/ruby/1.8/webrick/server.rb:92:in `each' > /usr/lib/ruby/1.8/webrick/server.rb:92:in `start' > /usr/lib/ruby/1.8/webrick/server.rb:23:in `start' > /usr/lib/ruby/1.8/webrick/server.rb:82:in `start' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:42:in > `listen' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in > `initialize' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in `new' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:41:in > `listen' > /usr/lib/ruby/1.8/thread.rb:135:in `synchronize' > /usr/lib/ruby/site_ruby/1.8/puppet/network/http/webrick.rb:38:in > `listen' > /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:131:in `listen' > /usr/lib/ruby/site_ruby/1.8/puppet/network/server.rb:146:in `start' > /usr/lib/ruby/site_ruby/1.8/puppet/daemon.rb:128:in `start' > > /usr/lib/ruby/site_ruby/1.8/puppet/application/puppetmasterd.rb:122:in `main' > /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:226:in `send' > /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:226:in `run_command' > /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:217:in `run' > /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:306:in > `exit_on_fail' > /usr/lib/ruby/site_ruby/1.8/puppet/application.rb:217:in `run' > /usr/sbin/puppetmasterd:66 > > > I am hitting my head against the wall. I have no clue what I am missing. I > removed everything, and recreated everything from scratch and still nothing.
It looks to me like you didn't wipe the client's directory. I'm guessing that the ca is still cached on the client at /var/lib/puppet/ssl/ca.pem (I think that's the right place) > On Thu, Nov 11, 2010 at 9:21 PM, Marek Dohojda <chro...@gmail.com> wrote: > new SSL has been created I confirmed it and tested it. > > From: Teyo Tyree > Sent: Thursday, November 11, 2010 9:09 PM > To: puppet-users@googlegroups.com > Subject: Re: [Puppet Users] ERROR OpenSSL::SSL::SSLError: tlsv1 alert unknown > ca > > On Thu, Nov 11, 2010 at 4:56 PM, Marek Dohojda <chro...@gmail.com> wrote: > Puppet 0.25.3-2 > > I accidentally removed puppet (didn't notice that removing ruby also removes > puppet, yes stupid). And I re-installed. All the files are the same. That > includes classes and configuration. > > However I can't seem to get things working again. here is what I done > > removed /var/lib/puppet/ssl on puppetmaster and on all guests > > Does /var/lib/puppet/ssl/ca exist? If not, restart the puppetmaster. A new > CA should be created. > > -- > Teyo Tyree :: www.puppetlabs.com:: +1.503.208.4475 > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
