[Puppet Users] Unable to run puppet with apache + passenger

ankush grover Fri, 08 Jun 2012 01:40:25 -0700

Hi Friends,

I am trying to run puppet with apache on Centos 6.2. 64-bit (with
selinux off) but it seems apache is refusing to read the pem file of
puppet. Below are the errors I am getting in the apache logs.
Puppetmaster is working fine without Apache. The same setup is working
fine with (Puppet + Apache) in another office . What could be the
problem that apache is not able to read the files.



Fri Jun 08 02:06:37 2012] [error] Init: Unable to read server
certificate from file
/var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
[Fri Jun 08 02:06:37 2012] [error] SSL Library Error: 218529960
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Fri Jun 08 02:06:37 2012] [error] SSL Library Error: 218595386
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
error
[Fri Jun 08 02:06:40 2012] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jun 08 02:06:40 2012] [error] Init: Unable to read server
certificate from file
/var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
[Fri Jun 08 02:06:40 2012] [error] SSL Library Error: 218529960
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Fri Jun 08 02:06:40 2012] [error] SSL Library Error: 218595386
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
error
[Fri Jun 08 02:06:53 2012] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jun 08 02:06:53 2012] [error] Init: Unable to read server
certificate from file
/var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
[Fri Jun 08 02:06:53 2012] [error] SSL Library Error: 218529960
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Fri Jun 08 02:06:53 2012] [error] SSL Library Error: 218595386
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
error
[Fri Jun 08 02:21:12 2012] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jun 08 02:21:12 2012] [error] Init: Unable to read server
certificate from file
/var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
[Fri Jun 08 02:21:12 2012] [error] SSL Library Error: 218529960
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Fri Jun 08 02:21:12 2012] [error] SSL Library Error: 218595386
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
error
[Fri Jun 08 02:27:26 2012] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jun 08 02:27:26 2012] [error] Init: Unable to read server
certificate from file
/var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
[Fri Jun 08 02:27:26 2012] [error] SSL Library Error: 218529960
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Fri Jun 08 02:27:26 2012] [error] SSL Library Error: 218595386
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
error
[Fri Jun 08 02:31:06 2012] [notice] suEXEC mechanism enabled (wrapper:
/usr/sbin/suexec)
[Fri Jun 08 02:31:06 2012] [error] Init: Unable to read server
certificate from file
/var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
[Fri Jun 08 02:31:06 2012] [error] SSL Library Error: 218529960
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Fri Jun 08 02:31:06 2012] [error] SSL Library Error: 218595386
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
error
^C


puppet.conf

Listen 8140
<VirtualHost *:8140>
    SSLEngine on
    SSLProtocol -ALL +SSLv3 +TLSv1
    SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
    SSLCertificateKeyFile
/var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
    SSLCertificateFile /var/lib/puppet/ssl/private_keys/ezepuppet.synapse.ar.pem
    SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
    SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
    # If Apache complains about invalid signatures on the CRL, you can
try disabling
    # CRL checking by commenting the next line, but this is not recommended.
    # SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
    # Set to require if this puppetmaster doesn't issue certificates
    # to puppet clients.
    # NB: this requires SSLCACertificateFile to include the CA cert
    SSLVerifyClient optional
    SSLVerifyDepth 1
    SSLOptions +StdEnvVars

    # Passenger options that can be set in a virtual host
    # configuration block.
    PassengerHighPerformance on
    PassengerStatThrottleRate 120
    PassengerUseGlobalQueue on
    RackAutoDetect Off
    RailsAutoDetect Off
    RackBaseURI /
   PassengerMaxRequests 10000
    DocumentRoot /etc/puppet/rack/public


    <Directory /etc/puppet/rack/>
        Options None
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Unable to run puppet with apache + passenger

Reply via email to