Ping a Specific Port

Question

Onitlikesonic

Asked: 2012-10-13 00:10:21 +0800 CST2012-10-13 00:10:21 +0800 CST 2012-10-13 00:10:21 +0800 CST

Could not evaluate: certificate verify failed while using ssl proxy

772

One of our machines was recently put behind an SSL proxy and since then I can't connect to puppet with "Could not evaluate: certificate verify failed."

I have checked that the dates match, regenerated the certificates but to no avail.

Debugging the verification with "openssl s_client -showcerts -connect puppetmaster:puppetmasterport" shows "Verify return code: 0 (ok)"

Initially the Proxy SSL Certificate was not recognized with a "Verify return code: 20 (unable to get local issuer certificate)" problem which was then fixed with the answer in the question: Adding root certificate to CentOS 5

1 Answers

Voted

Onitlikesonic · Answer 1 · 2012-10-13T00:40:24+08:00

Best Answer

Onitlikesonic

2012-10-13T00:40:24+08:002012-10-13T00:40:24+08:00

This seems to have solved my problem:

you need to add the top level ca pub key to it to /var/lib/puppet/ssl/certs/ca.pem

Reference: https://groups.google.com/forum/?fromgroups=#!topic/puppet-users/VVGkYArpYfI

1

Could not evaluate: certificate verify failed while using ssl proxy

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?