I think your master needs to sign the cert, on the master issue puppet-ca --sign vm2.jhmg.net
You'll need to verify that syntax, it's from memory :-) On Fri, Mar 30, 2012 at 6:06 PM, Jim Garrison <jhg6...@gmail.com> wrote: > Trying to set up a simple master/agent configuration on two VMware VMs. I > startup the master and then try to start the agent, in waitforcert mode to > submit its cert request. After receving the request on the master and > signing it, I get this on the agent: > > [jhg@vm2 puppet-2.7.12]$ sudo puppet agent --server vm1 --waitforcert 60 > --test > warning: peer certificate won't be verified in this SSL session > info: Caching certificate for ca > warning: peer certificate won't be verified in this SSL session > warning: peer certificate won't be verified in this SSL session > info: Creating a new SSL certificate request for vm2.jhmg.net > info: Certificate Request fingerprint (md5): > E2:79:4A:81:21:56:7E:2A:9B:B2:3C:74:27:15:24:4C > warning: peer certificate won't be verified in this SSL session > warning: peer certificate won't be verified in this SSL session > warning: peer certificate won't be verified in this SSL session > warning: peer certificate won't be verified in this SSL session > info: Caching certificate for vm2.jhmg.net > err: Could not retrieve catalog from remote server: SSL_connect returned=1 > errno=0 state=SSLv3 read server certificate B: certificate verify failed. > This is often because the time is out of sync on the server or client > warning: Not using cache on failed catalog > err: Could not retrieve catalog; skipping run > err: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 > read server certificate B: certificate verify failed. This is often > because the time is out of sync on the server or client > > I have already verified that the two VM clocks are synchronized to within > a few ms of each other. > > What ELSE could cause this? > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/puppet-users/-/qDhj4dblhfAJ. > To post to this group, send email to puppet-users@googlegroups.com. > To unsubscribe from this group, send email to > puppet-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/puppet-users?hl=en. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
