Hi,
Okay, start again then (assuming you are still testing out puppet).
Remove the puppet 'ssl' directory contents on the server and the client. Check
your host clocks are in sync.
Start the puppetmaster on the server with --no-daemonize --verbose
That will generate the CA again for the server.
On the client issue the following:
puppetd --verbose --waitforcert 60 --server puppet.domain --noop
If this still fails check the certname you are using in your certificates.
openssl s_client -connect puppet:8140
Check the subject name is the same as the one you expect. You can specify the
certname in your puppet client config.
Cheers,
On 26/03/2011, at 23:43, "KarthiKeyan. Kesavan" wrote:
> hi,
>
> Thanks for your update .
>
> Server name is puppet and client name is client .
>
> I can do the telnet for server 8140 . even if i am using --waitforcert option
> i did nt get newly .
>
> Please share your suggestions .
>
> Cheers
>
> K.KarthiKeyan
>
>
>
> Hi,
>
> Verify that the server name you are using is correct (is it 'puppet' or
> 'puppetmaster'?). Use the --waitforcert option when first signing.
>
> Verify that puppetmaster is running on the server. Verify that you can access
> port 8140 on the server from the client.
>
> Cheers,
>
> On 25/03/2011, at 22:30, CHEBRIAN wrote:
>
> > Dear ALL.
> >
> > I am trying to generate the ca for my puppet client .
> >
> > But it showing the following error
> >
> > puppetd --server puppet --test --debug --no-daemonize
> >
> > warning: peer certificate won't be verified in this SSL session
> > err: Could not request certificate: Error 400 on SERVER: undefined
> > method `info' for nil:NilClass
> > Exiting; failed to retrieve certificate and waitforcert is disabled
> >
> > puppetmaster
> >
> > FQDN checks is fine for puppetmaster and client . pinging perfectly.
> >
> > Please guide me to fix this problem .
> >
> > Regards
> > CheBrian
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Puppet Users" group.
> > To post to this group, send email to puppet-users@googlegroups.com.
> > To unsubscribe from this group, send email to
> > puppet-users+unsubscr...@googlegroups.com.
> > For more options, visit this group at
> > http://groups.google.com/group/puppet-users?hl=en.
> >
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
