I searched online and I see a few other people have had this issue on other lists/boards. When I run sudo puppetd –waitforcert 60 –test for the 2nd time after signing the cert on the master server I get this error-
notice: Got signed certificate warning: Certificate validation failed; considering using the certname configuration option err: /File[/var/lib/puppet/lib]: Failed to generate additional resources during transaction: Certificates were not trusted: hostname was not match with the server certificate
I’m not sure I understand what the problem or how to fix it. So that is why I ask.
I’m setting puppet up on two servers on my LAN. The puppetmaster is named ‘puppet’ and the other server is named ‘puppetclient’. I put puppet into /etc/hosts on puppetclient.
running hostname -f will display puppet and pupperclient on the respective servers. I’m not sure what else to try. Does anyone have any insight?
Sounds like the puppetmaster certificate was created when the host was named something other than “puppet”. Recreate the certificate and you should be good.
The name stored in the certificate has to match what you configured your client to connect to (exactly). For instance, if you configure your client to connect to “puppet.domain.com”, you’ll get an error if the certificate is named “puppet” and vice versa.
- Puppet – Any way to copy predefined custom configuration files for software on clients from the puppet master (host)?
- I’ve broken my puppet, clients are failing reporting “ Could not run Puppet configuration client: Invalid parameter stage”
- Puppet agent failing
- Call Puppet function from Puppet template?
- Is it possible to use the Puppet inventory for puppet modules and other systems?
Leave a comment
- Cron expression that runs every 5 minutes from 1:30 am – 6:00 am [duplicate]
- Understanding redundant power supplies
- Is there a way for administrators to disable users from installing Firefox extensions?
- Is there research material on NTP accuracy available?
- How to create a limited “domain admin” that does not have access to domain controllers?