Puppet agent not able to connect to puppet server after rebooting puppet server

[rakshath...@yahoo.in]

Hi All,

I have puppet open source installed on RHEL server and puppet agent on windows server 2012. Setup was done and was working fine, but after rebooting the puppet server, command puppet agent -t is throwing an error 'Failed to generate additional resources using 'eval_generate': Server hostname '<Puppet Master Hostname>' did

not match server certificate; expected one of localhost.localdomain, DNS:puppet, DNS:localhost.localdomain'. Can anyone help me understand this issue, or help me get it resolved permanently?

[shakeel pasha]

Check the hosts entries for master and client on client
Even if u r using dns to resolve
Stop the agent on client
Delete the content in ssl directory
Rerun the command again
See if ur firewall is not blocking anything ports that client agents talks to master

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/b763eb5a-af05-4cce-be97-6f7d3781ca77%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Michael Watters]

Looks like your master's host name isn't included on the certificate.  Are you able to run the agent using puppet agent -t --server puppet ?

You can also see what host names are returned by the master's cert using openssl.

openssl s_client -connect puppet:8140

This should show you the entire certificate chain.  For example:

openssl s_client -connect puppet:8140
CONNECTED(00000003)
depth=0 CN = puppetmaster.example.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = puppetmaster.example.com
verify error:num=21:unable to verify the first certificate
verify return:1
---
Certificate chain
 0 s:/CN=puppetmaster.example.com
   i:/CN=Puppet CA: puppet-f20.example.com

[rakshath...@yahoo.in]

On Tuesday, October 25, 2016 at 12:22:52 PM UTC+5:30, rakshath...@yahoo.in wrote:

It worked after I cleared the ssl directory.

Thank you

On Friday, October 21, 2016 at 10:03:04 PM UTC+5:30, shakeel pasha wrote:

Check the hosts entries for master and client on client
Even if u r using dns to resolve
Stop the agent on client
Delete the content in ssl directory
Rerun the command again
See if ur firewall is not blocking anything ports that client agents talks to master

On 21-Oct-2016 4:27 PM, "rakshatha.shetty via Puppet Users" <puppet...@googlegroups.com> wrote:

Hi All,

I have puppet open source installed on RHEL server and puppet agent on windows server 2012. Setup was done and was working fine, but after rebooting the puppet server, command puppet agent -t is throwing an error 'Failed to generate additional resources using 'eval_generate': Server hostname '<Puppet Master Hostname>' did

not match server certificate; expected one of localhost.localdomain, DNS:puppet, DNS:localhost.localdomain'. Can anyone help me understand this issue, or help me get it resolved permanently?

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.

To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.