On Thu, May 24, 2012 at 10:02 AM, Matt F <mfan2...@gmail.com> wrote: > I ended up installing yet another puppetmaster, and I think that resolved > my cert issues. However, my client still cannot get a test file from the > puppetmaster. There is NO firewall or selinux running on the server (both > disabled). > > fileserver.conf has: >
Ah ha! This is the issue. So, you should never really need to modify fileserver.conf in modern versions of Puppet (versions after 0.23). Puppet will automatically serve up files located in modules. For more information please see: http://docs.puppetlabs.com/learning/modules1.html (Particularly the Module Structure section) > [files] > path /var/lib/puppet/files > allow *.example.com > allow 10.0.0.0/8 Your client certificate does not have the domain example.com. It only has the short name of devsttst01 as we saw when you ran puppet agent --configprint certname. As a result, devsttst01 does not match the glob *.example.com and as a result the puppet master is marking the requests as unauthenticated. To fix this, if you move the file on the master into a module, for example /etc/puppet/modules/engine/files/engine.exe And then reference the file using the module URI: source => "puppet:///engine/engine.exe" Then Puppet will automatically serve up the file without the need for an entry in fileserver.conf. Hope this helps, -Jeff -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
