It now seems to work, I was doing 2 things wrong: not restarting Apache (the master runs under apache + passenger) after certificates were generated. That fixed the initial SSL error (apache was using an older certificate, the ones generated didn't match, etc).
All works fine now, unless I try to get the masters to use themselves as masters. If I configure the masters to use the CA server as a master, puppet agent works fine. If I point the masters to the load balancer in front of the masters, puppet agent throws the same annoying SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed Any tips on that? Thanks -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
