puppetca trouble (The certificate retrieved from the master does not match the agent's private key)
118 views
Skip to first unread message
Florian Koch
Mar 26, 2012, 6:51:17 PM3/26/12
to puppet...@googlegroups.com
Hi @all,
i have a foreman-proxy server, build from scratch, works fine and i can build unattended hosts.
I don't want to configure all my foreman-proxys manually, so i build them in puppet, and only setup the OS (SL) and basic puppet config manually.
I can run the puppet configuration sucsessfully, my config is exactly what i want, but i am unable to build unattended hosts anymore, i get an error in the foreman-proxy log:(i can reproduce this with the command)
i have tried the suggested solution, but i have no success.
The normal puppet run works without Problems
any idea?
rgds flo
i have a foreman-proxy server, build from scratch, works fine and i can build unattended hosts.
I don't want to configure all my foreman-proxys manually, so i build them in puppet, and only setup the OS (SL) and basic puppet config manually.
I can run the puppet configuration sucsessfully, my config is exactly what i want, but i am unable to build unattended hosts anymore, i get an error in the foreman-proxy log:(i can reproduce this with the command)
sudo -u foreman-proxy /usr/bin/sudo /usr/sbin/puppetca --clean
The certificate retrieved from the master does not match the agent's private key.
Certificate fingerprint: D1:B4:88:24:24:31:FA:13:90:FA:1F:8A:CB:BF:2D:AB
To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate.
On the master:
puppet cert clean foreman-proxy.example.com
On the agent:
rm -f /var/lib/puppet/ssl/certs/foreman-proxy.example.com.pem
puppet agent -t
The certificate retrieved from the master does not match the agent's private key.
Certificate fingerprint: D1:B4:88:24:24:31:FA:13:90:FA:1F:8A:CB:BF:2D:AB
To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate.
On the master:
puppet cert clean foreman-proxy.example.com
On the agent:
rm -f /var/lib/puppet/ssl/certs/foreman-proxy.example.com.pem
puppet agent -t
i have tried the suggested solution, but i have no success.
The normal puppet run works without Problems
any idea?
rgds flo
Reply all
Reply to author
Forward
0 new messages