Home / server / Questions / 528701
In Process
krisdigitx
Asked: 2013-08-06 03:12:26 +0800 CST

puppet create certificate with fqdn

  • 772

hostname on the client is dns01.srv.acentauri.net.uk, however when I run 

puppet agent -t

Info: Creating a new SSL key for dns01
Info: Caching certificate for ca
Info: Caching certificate_request for dns01
Exiting; no certificate found and waitforcert is disabled

it creates certificate for host dns01, appearently I am using autosign on puppet master for this domain srv.acentauri.net.uk

Any idea why puppet does not create the SSL key for FQDN?

linux

2 Answers

  1. Check the FQDN of your host:

    # hostname -f
# domainname

    Check also for a valid entry in your /etc/hosts file:

    1.2.3.4  dns01.srv.acentauri.net.uk dsn01

    Additionally, set the HOSTNAME entry in /etc/sysconfig/network to the FQDN.

    Remove the invalid cryptographic content under /var/lib/puppet/ssl in the client machine:

    # rm -rf /var/lib/puppet/ssl

    and reissue the request, this time waiting for the answer:

    # puppet agent --test --waitforcert 2
    • 2

  2. The client machine probably has an entry for dns01 in /etc/hosts. Have a look at what hostname -f and hostname -i return and clean up any discrepancies.

    • 1