Could not generate DH keypair

275 views
Skip to first unread message

Fabricio Cruz

unread,
Jan 18, 2017, 5:54:14 PM1/18/17
to Puppet Users

How to fix  ?

2017-01-18 16:45:28,076 ERROR [qtp1558347627-77] [puppetserver] Puppet Report processor failed: Could not send report to Foreman at https://server/api/reports: Could not generate DH keypair

thanks

rvlinden

unread,
Jan 19, 2017, 8:21:08 AM1/19/17
to Puppet Users
Run openssl to create a 1024 DH keypair
# openssl dhparam 1024

and add this block of code (incl BEGIN DH PARAMETERS and END DH PARAMETERS to your /etc/katello/certs/katello-apache.crt on your satellite server

Hope this helps

Rene

Fabricio Cruz

unread,
Jan 19, 2017, 9:21:47 PM1/19/17
to puppet...@googlegroups.com
Thanks for replying, I do not have satelite server, I have:

Ubuntu server 16.04
Puppet and Foreman
Thanks!


--
You received this message because you are subscribed to a topic in the Google Groups "Puppet Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/puppet-users/nfmqGBGr3yY/unsubscribe.
To unsubscribe from this group and all its topics, send an email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/5e85a2bb-dd7d-4599-a9a0-3dddfc0fb3b9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Fabricio Cruz

unread,
Jan 23, 2017, 12:11:01 PM1/23/17
to puppet...@googlegroups.com
Hi ,

I was able to solve :

1- openssl dhparam 1024
2- add this block of code to /etc/puppetlabs/puppet/ssl/certs/mycert.pem  ---  in my client puppet

Thank you!!

abh...@maxonic.com

unread,
Jul 21, 2017, 11:34:11 AM7/21/17
to Puppet Users
Hi Fabricio,

In my Foreman Puppet setup I don't have "mycert.pem" file. Instead I had some similar files:
  1. /etc/puppetlabs/puppet/ssl/certs/ip-xxx-xx-xx-xxx.us-west-2.compute.internal.pem
  2. /etc/puppetlabs/puppet/ssl/certs/ca.pem
So I executed the command "openssl dhparam 1024" and add the output in 1st file below the exisiting Dhparam. And when I tried to restart my puppetserver it gave me error. I also tried replacing the existing DHparam with the new 1024 dhparam. But I again got error while restarting my puppetserver and was unable to restart my puppetserver.

Then I tried working it out with 2nd file (ca.pem). Executed the command and added the output to the file and restarted the puppetserver. This time server restarted properly, but I was still unable to see reports on foreman. I tried this with 2048 and 4096 bit dhparam as well, but these didn't work out either. 

Can you please help me out. I am using the - Ubuntu 16.04, and my foreman, puppet master and puppetagent all are on the same machine.

On Monday, January 23, 2017 at 9:11:01 AM UTC-8, Fabricio Cruz wrote:
Hi ,

I was able to solve :

1- openssl dhparam 1024
2- add this block of code to /etc/puppetlabs/puppet/ssl/certs/mycert.pem  ---  in my client puppet

Thank you!!
2017-01-20 0:21 GMT-02:00 Fabricio Cruz <fabg...@gmail.com>:
Thanks for replying, I do not have satelite server, I have:

Ubuntu server 16.04
Puppet and Foreman
Thanks!
2017-01-19 11:21 GMT-02:00 rvlinden <rene.vand...@gmail.com>:
Run openssl to create a 1024 DH keypair
# openssl dhparam 1024

and add this block of code (incl BEGIN DH PARAMETERS and END DH PARAMETERS to your /etc/katello/certs/katello-apache.crt on your satellite server

Hope this helps

Rene

--
You received this message because you are subscribed to a topic in the Google Groups "Puppet Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/puppet-users/nfmqGBGr3yY/unsubscribe.
To unsubscribe from this group and all its topics, send an email to puppet-users...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages