I tried that command as you suggested. As far as I can tell, it didn't give me much useful information. Here is what it had:
debug: Failed to load library 'selinux' for feature 'selinux' debug: Puppet::Type::User::ProviderLdap: true value when expecting false debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/dscl does not exist debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist debug: Puppet::Type::User::ProviderPw: file pw does not exist debug: /File[/etc/puppetlabs/puppet/ssl]: Autorequiring File[/etc/puppetlabs/puppet] debug: /File[/var/opt/lib/pe-puppet/lib]: Autorequiring File[/var/opt/lib/pe-puppet] It then continued to autorequire a bunch of ssl files - basically the entire directory structure of /etc/puppetlabs/puppet/ssl as well as all the pem files. In /var/log/messages, I see this on both the puppet master server and the client: Mar 13 10:42:38 puppet-master puppet-agent[4729]: Could not request certificate: Connection refused - connect(2) "puppet-master" is the hostname of my puppet server. However, "puppet-agent" is NOT the name of the client trying to request a certificate. That is the name of an old test box that worked successfully. Is that just a generic name that puppet uses, or is it trying to use an old config/cert? On Tuesday, March 13, 2012 9:54:59 AM UTC-5, badamowicz wrote: > > Try > > > > puppet agent --verbose --debug --server your.server --environment your_env-- > waitforcert 60 --no-daemonize > > > > Bernd > > > > ** > *Betreff:* AW: [Puppet Users] Can't send certificate request > > > > > > > > > > *Von:* puppet-users@googlegroups.com > [mailto:puppet-users@googlegroups.com<puppet-users@googlegroups.com>] > *Im Auftrag von *Mike > *Gesendet:* Dienstag, 13. März 2012 15:04 > *An:* puppet-users@googlegroups.com > *Betreff:* [Puppet Users] Can't send certificate request > > > > I can't get a new client working with my puppet master. When I try to run > 'puppet agent --test' on the client, I get > > err: Could not request certificate: Connection refused - connect(2) > Exiting; failed to retrieve certificate and waitforcert is disabled > > I can't telnet from the client to the server on port 8140. There are no > firewalls between the 2 servers. I've turned off iptables and ip6tables on > both servers. The times are sync'd. Both servers can ping each other by IP > address and hostname. > > Doing a netstat -an on the puppet master server shows that it is not > listening on port 8140. Yet, I have verified that pe-puppet is running. > > Any suggestions? > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/puppet-users/-/WEyyqRVvbgsJ. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the web visit https://groups.google.com/d/msg/puppet-users/-/UpzL-l-0nasJ. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
