"Error: Could not request certificate: Error 500 on SERVER" after updating certificate
491 views
Skip to first unread message
shlo....@gmail.com
Oct 25, 2016, 10:58:55 AM10/25/16
to Puppet Users
Hi,
I need to renew the SSL certificate.
I overwrite the old certificate files with the new files and restart the httpd.
When I tried to run puppet from the agent I get:
...
Error: Could not request certificate: Error 500 on SERVER
...
Phusion Passenger
Web application could not be started
...
The unix permission look the same as the old one.
I also remove the agent's certificate files from the agent and from the master.
If I put back the old certificate everything work okay.
Any to solve the problem?
Shlomit
Lowe Schmidt
Oct 25, 2016, 1:55:21 PM10/25/16
to puppet...@googlegroups.com
What does your server logs say? And what Puppet version are you running?
--
Lowe Schmidt | +46 723 867 157
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/809f5d76-8f2f-4315-b3f6-c0453979c07b%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Lowe Schmidt | +46 723 867 157
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/809f5d76-8f2f-4315-b3f6-c0453979c07b%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
shlo....@gmail.com
Oct 26, 2016, 6:22:41 AM10/26/16
to Puppet Users
In the log:
Could not prepare for execution: The certificate retrieved from the master does not match the agent's private key.Certificate fingerprint: XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:...To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate.On the master:puppet cert clean puppet.wezmann.pemOn the agent:rm -f /var/lib/puppet/ssl/certs/puppet.wezmann.pempuppet agent -t
Which I did and no help + warning about deprecate things that I believe not connected to the problem because it still working with the old certificate.
Puppet: 3.6.2
Thanks.
Lowe Schmidt
Oct 26, 2016, 7:23:59 AM10/26/16
to puppet...@googlegroups.com
So you did remove the SSL certificate on the _agent_ as well?
> https://groups.google.com/d/msgid/puppet-users/826a66f2-eca4-4043-80e6-44e4f37c8529%40googlegroups.com.
--
Lowe Schmidt | +46 723 867 157
Lowe Schmidt | +46 723 867 157
shlo....@gmail.com
Oct 27, 2016, 6:04:23 AM10/27/16
to Puppet Users
Yes
Lowe Schmidt
Oct 27, 2016, 8:32:29 AM10/27/16
to puppet...@googlegroups.com
And you requested a new one?
> https://groups.google.com/d/msgid/puppet-users/9c6c5d0c-5d4f-447e-8424-567845d69f35%40googlegroups.com.
--
Lowe Schmidt | +46 723 867 157
Lowe Schmidt | +46 723 867 157
Reply all
Reply to author
Forward
0 new messages