Ohad ... no they weren't. It still isn't working but it looks like the
SSL thing is sorted.
Thanks everyone for their help.
chakkerz
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to t
well.. it shouldnt...
just another stupid question, your clocks are in sync right?
On Fri, Feb 13, 2009 at 9:23 AM, chakkerz wrote:
>
> Yeah ...the built in mechanism fails worse
>
> >
>
--~--~-~--~~~---~--~~
You received this message because you are subscribed
Yeah ...the built in mechanism fails worse
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send
Is there any particular reason you're copying the certificates and
whatnot by hand instead of using the built in mechanisms?
Regards,
AJ
On 13/02/2009, at 11:12 AM, chakkerz wrote:
>
> i've copied the ca.pem from the master to the client. Now i'm back to
> the familar:
>
> r...@puppetsun:/va
i've copied the ca.pem from the master to the client. Now i'm back to
the familar:
r...@puppetsun:/var/lib/puppet/ssl# /opt/csw/bin/puppetd -vt
info: Retrieving plugins
warning: Certificate validation failed; consider using the certname
configuration option
err: /File[/var/lib/puppet/lib]: Failed
OK, new error. Regardless of which ruby i use, i get the following if
i do a puppetca --generate puppetsun... and then transfer the files.
(also this doesn't seem to care too much about permissions, but the
last time i did it, i was very careful to replicate the permissions
from the master).
r...
On Wed, Feb 11, 2009 at 5:12 PM, chakkerz wrote:
> This is after clearing /var/lib/puppet , restarting the daemon and re-
> signing the cert.
>
> the server has:
> [r...@puppetbeta /]# puppetca --list --all
> + puppetsun.its.uq.edu.au
> + puppetbeta.its.uq.edu.au
>
I had some similar trouble on
following the advise on the IRC channel i downgraded ruby to 1.8.6
r...@puppetsun:/opt/csw/bin# ./ruby -v
ruby 1.8.6 (2007-09-23 patchlevel 110) [i386-solaris2.8]
i now get a new error:
r...@puppetsun:/opt/csw/bin# rm -rf /var/lib/puppet/
r...@puppetsun:/opt/csw/bin# /opt/csw/bin/puppetd --test
i
Hello again
--config makes no difference. Same error persists.
Cheers
chakkerz
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
another issue i had on solaris that it wasnt using the right config file
end up using --config /etc/puppet/puppet.conf
On Tue, Feb 10, 2009 at 2:15 PM, chakkerz wrote:
>
> Valid point, unfortunately, i configured this:
> r...@puppetsun:/opt/csw/bin# cat /opt/csw/etc/puppet/puppet.conf
> [m
Valid point, unfortunately, i configured this:
r...@puppetsun:/opt/csw/bin# cat /opt/csw/etc/puppet/puppet.conf
[main]
vardir = /var/lib/puppet
logdir = /var/log/puppet
rundir = /var/run/puppet
ssldir = $vardir/ssl
pluginsync = true
factpath = $vardi
If you used the Solaris blastwave packages, it might be that your certs are
in a different directory... check your puppet configs for where your ssl
dir is (could be /etc/puppet/ssl, /var/lib/puppet/ssl,
/opt/csw/etc/puppet/ssl .)
Cheers,
Ohad
On Tue, Feb 10, 2009 at 6:29 AM, chakkerz wrote
Ok, i've re-read
http://reductivelabs.com/trac/puppet/wiki/CertificatesAndSecurity
and some things fell into place (though it still doesn't work :) )
So the CA here is my host puppetbeta which is the master. On it i
signed the cert that the puppetsun generated when i ran `puppetd --
test` , usin
But that doesn't make sense ...
So what you're saying that the Solaris host (all the RedHat ones are
working), will need to have their cert's generated on a RedHat box,
and then transferred to the solaris host?
But even then the architecture doesn't make sense, because i'm using a
self signed ce
I believe that means the cert on the master and the client weren't signed by
the same CA.
On Sun, Feb 8, 2009 at 10:29 PM, chakkerz wrote:
>
> Hello there
>
> I'm having some issues and i'm not entirely sure where they are
> starting (I'm not generally a Solaris user). I gather that there are
15 matches
Mail list logo
