subject:"\[Puppet Users\] puppetmaster ca generate fails \- v 6.15.3 and 6.16.0"

Re: [Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

2021-07-08 Thread Maggie Dreyer

Out of curiosity, were your certs somewhere totally custom? Was Puppet finding them successfully, or were there other issues besides the `generate` call? The CLI is supposed to respect settings in `puppet.conf`, which is also what puppetserver reads to find the files. So I would be a little surpri

Re: [Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

2021-07-08 Thread Dave Beedle

This is our problem! Our certs are elsewhere. Copying or linking to them allows the cert generation to succeed. Thanks for the help! On Thursday, July 8, 2021 at 11:14:55 AM UTC-5 Maggie Dreyer wrote: > You can use `puppet config print [cakey|cacrl|cacert]` to find out where > it expects th

Re: [Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

2021-07-08 Thread Maggie Dreyer

You can use `puppet config print [cakey|cacrl|cacert]` to find out where it expects them to be. `cacert` and `cacrl` should both be either * a single self-signed CA certificate and its CRL * a chain of certs from your signing CA cert to a root cert and the CRLs for each cert in the chain. You can

Re: [Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

2021-07-08 Thread Dave Beedle

Thanks for the quick response! This may apply, we may well manipulate the certs...some of our processes predate me so, I'll poke around to see if I can figure out where they are supposed to be and where we put them! On Thursday, July 8, 2021 at 10:14:14 AM UTC-5 Maggie Dreyer wrote: > Might y

Re: [Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

2021-07-08 Thread Maggie Dreyer

Might you be hitting https://tickets.puppetlabs.com/browse/SERVER-3036? Can you check if all of your CA files are present and correct? On Thu, Jul 8, 2021 at 8:02 AM Dave Beedle

[Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

2021-07-08 Thread Dave Beedle

We have, in the past, generated cert on our puppet server using: /opt/puppetlabs/bin/puppetserver ca generate --ca-client --certname test.out.domain --subject-alt-names But this began failing as we updated to Puppetserver v6.15.3. Seems to be unhappy with some gems (log below). I have resinta

Re: [Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

Re: [Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

Re: [Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

Re: [Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

Re: [Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

[Puppet Users] puppetmaster ca generate fails - v 6.15.3 and 6.16.0

6 matches

Site Navigation

Mail list logo

Footer information