Hi, I am running puppet-server-2.7.25-1.el5 and puppet-2.7.20-1.el6.rf.noarch clients.
A puppet client which is running for more than 5 years is rebuild and while adding the server to the puppet infrastructure again , we are facing the below error. The client is properly removed from the master before it is re-built. But still while adding the server back , the error occurs. running on Jul19 .. [root@client1 setup]# puppet agent --server wfpuppet.example.com >> --waitforcert 60 --test > > info: Creating a new SSL key for client1.example.com > > info: Caching certificate for ca > > info: Creating a new SSL certificate request for client1.example.com > > info: Certificate Request fingerprint (md5): >> CE:73:92:B6:37:76:52:57:45:86:C5:D8:68:22:3F:A0 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Caching certificate for ca > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Caching certificate for ca > > info: Caching certificate for client1.example.com > > info: Retrieving plugin > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at > > >> ................... Truncated ...................................... > > >> err: Could not retrieve catalog from remote server: >> Thread(#<Thread:0x7f275f7ca370 run>) not locked. > > warning: Not using cache on failed catalog > > err: Could not retrieve catalog; skipping run > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > info: Not using expired certificate for ca from cache; expired at Tue Jul >> 16 19:12:20 UTC 2019 > > >> ....................Truncated ................................ > > err: Could not request certificate: stack level too deep > > The configuration remains the same as in any client which is working fine. Still facing the error? Is puppet master caching the expired certificate from cache ? "expired certificate for ca from cache;" I have followed the below puppet docs : https://ask.puppet.com/question/16111/how-to-renew-expired-puppetmaster-certificates/ https://ask.puppet.com/question/32858/warning-certificate-puppet-ca-will-expire-on-how-to-renew-certificates-on-302/ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/e29c37cd-4d69-44a6-b51f-5eefaccff99f%40googlegroups.com.
