sslv3 alert certificate revoked on newly spawned servers

Eziera Yvanne Gabriel

unread,

Aug 7, 2017, 11:11:28 AM8/7/17

to Puppet Users

Hello,

I always encounter this error when executing puppet agent -t --debug on our newly spawned servers. Tried everything (except for puppetmaster restart) that I saw on the Internet with no success.

But with old servers with signed certs (before this error occur), puppet agent runs are still successful.

Rafael Tomelin

unread,

Aug 7, 2017, 2:29:20 PM8/7/17

to Puppet Users

Hi Dear,

Forword options:

1) update the OS;

2) date sync;

3) Key is exist in puppetserver;

4) generate new ssl - rm -rf /etc/puppetlabs/puppet/ssl

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/e51442a7-0f4b-4889-a850-db1bc745da1c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Atenciosamente,

Rafael Tomelin

skype: rafael.tomelin

E-mail: rafael....@gmail.com

RHCE - Red Hat Certified Engineer

Zabbix - ZABBIX Certified Specialist

LPI3

ITIL v3

Gabriel Schuyler

unread,

Aug 8, 2017, 1:27:08 PM8/8/17

to Puppet Users

Do these new machines have the same hostname as previously decommissioned hosts? If so, you'll need to clear out the previous machine's certificate in order to get sign one that has the same name.