Hi, I think you are facing https://projects.puppetlabs.com/issues/3640#note-11
<https://projects.puppetlabs.com/issues/3640#note-11>which would hopefully be resolved in https://projects.puppetlabs.com/issues/3770. I must admit that I did not have time to continue troubleshooting this further... Ohad On Mon, Nov 29, 2010 at 11:44 PM, Alan Barrett <a...@cequrux.com> wrote: > On Mon, 29 Nov 2010, Patrick wrote: > > > So, it seems that the puppetd client is doing something different from > > > the "openssl s_client" command used for testing. What certificate is > > > the puppetd client attempting to present, and how can I change that? > > > > Run this on the client for the config puppet is using: > > puppetd --genconfig > > I use that all the time. The file names that I passed to "openssl > s_client" are identical to those reported by "puppetd --genconfig". > > Whether or not the clientcrl file (ca_crl.pem) exists seems to have > something to do with the problem but I haven't figured out the details. > If I delete that file, then the puppetd client can connect, and it > downloads a fresh copy of the CRL, after which it can no longer connect. > I have configured certificate_revocation=false on the server, but it > nevertheless sends the CRL file to the client. > > --apb (Alan Barrett) > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-us...@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com<puppet-users%2bunsubscr...@googlegroups.com> > . > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
