err: Could not request certificate: unknown message digest algorithm

[wattsharr...@gmail.com]

has anyone seen the following error:

err: Could not request certificate: unknown message digest algorithm

i have tried :

puppet agent --digest md5 -t

and am i currently attempting to upgrade to a newer version of puppet.

any suggestions would be appreciated.

EZ

[James Perry]

Looking at the help for the Puppet Agent (puppet agent --help), it seems that the supportable message digests depend on what your version of OpenSSL installed. 

* --digest:

  Change the certificate fingerprinting digest algorithm. The default is

  SHA256. Valid values depends on the version of OpenSSL installed, but

  will likely contain MD5, MD2, SHA1 and SHA256.

That said, with the Puppet agent version 4.9+, I tried to force it to break by specifying a bogus algorithm of MD6 and md6, but didn't get the message you showed. 

Now it does seem that they are showing in the help that it is uppercase, so it may be as simple as specifying MD5 versus md5 as you show in your post.

I just migrated almost 200 servers to Puppet 4 and none of them seemed to have any issues with certificates other than I had to completely remove the old version of Puppet we had and install fresh since the Puppet 4 agent has all apps / packages it requires contained within the package.