Yes, I do have a hardcoded certificate name in my master section. That's why I my agent cert issue was so unexpected. Oh well, I guess all's well that ends well.
I just think I'll disable the repo and not do upgrades for a long time, now that I'm at 3.1. These little glitches make little grey hairs after awhile and snip off a few minutes of life expectancy. Speaking in generalites, of course. Puppet is wonderful. : -) On Friday, February 8, 2013 3:39:41 PM UTC-5, Jo wrote: > > On Feb 7, 2013, at 5:50 AM, Dominic Cleal wrote: > > Sorta puzzles me. Why would this mismatched agent certificate on > > puppetmaster interfered with other puppet agent runs? > > > The same certificate that is used for the agent on the master server is > also used for the master process itself (inbound connections). > > > Only if you let your puppet server use the host it's running on FQDN, > which I devoutly disagree with in practice. Best to keep them separate by > putting a hardcoded certname in the [master] section to avoid these kinds > of problems. > > -- > Jo Rhett > Net Consonance : net philanthropy to improve open source and internet > projects. > > > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
