Hi, You sure, cos it seem to be really ugly certificate issue
openssl x509 -text -noout -in /var/lib/puppet/ssl/certs/hostname.tld.pem | grep -A2 Validity
Can you check the time period of your certificate.. and compare it with master one.
if it is same, then something serious is happening Regards, System Admin Ashish Jaiswal On Tuesday 28 August 2012 10:55:14 PM IST, Bai Shen wrote:
That didn't seem to help. I got some weird errors about the certs not being able to be signed. I was finally able to get one test run, but after that it went back to giving me the same error. Any other suggestions? On Tue, Aug 28, 2012 at 12:18 PM, Ashish Jaiswal <ashish1...@gmail.com <mailto:ashish1...@gmail.com>> wrote: Hi,, Have you tried deleting the existing directory of master and agent.. rm -frv /var/lib/puppet/ssl Try this and see if this work!! Regards, Ashish Jaiswal On Aug 28, 2012 8:58 PM, "Bai Shen" <baishen.li...@gmail.com <mailto:baishen.li...@gmail.com>> wrote: I'm trying to get puppet to connect to my puppetmaster, but I keep getting the same error. err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed I've made sure ntpd is running during the kickstart and that the times are the same on both machines. I've also ran puppet cert --clean --all on the puppetmaster. I have the puppetmaster set to autosign all certs. Any ideas what I'm missing? Everything I've found says to make sure the clocks are the same, which I've already done. I did see one post talking about an issue with Ruby 1.9.2, but I'm running 1.8.7. Thanks. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com <mailto:puppet-users@googlegroups.com>. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com <mailto:puppet-users%2bunsubscr...@googlegroups.com>. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com <mailto:puppet-users@googlegroups.com>. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com <mailto:puppet-users%2bunsubscr...@googlegroups.com>. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
