I am not sure how to word the question, so here is the problem:
I have a brand new install of puppet-server and puppet using v2.6.16 and running on 2 nodes (puppet and puppet-agent, respectively) following the steps at http://docs.puppetlabs.com/guides/installation.html for a Linux box (CentOS).
On the puppet[-server] box, I issue puppetca -la and get back:
+ puppet (DB:50:1B:37:47:78:DA:F2:69:28:B7:E2:22:1B:C5:28) (alt names: DNS:puppet, DNS:puppet.abc.com)
(note that puppet-agent is not listed) ... also, no puppet instances are listed with puppet cert list
When signing the box with puppetca --sign puppet, I get:
err: Could not call sign: Could not find certificate request for puppet
Same with puppetca --sign puppet.abc.com
There is a puppet.pem in the private_keys and certs directory. The certificate_requests directory is empty. Auto-signing is off.
I'd be happy to supply any additional information and would appreciate any assistance.
The puppet.conf on both machines is as follows, sans comments:
[main]
logdir = /var/log/puppet
rundir = /var/run/puppet
vardir = /var/lib/puppet
factpath = $vardir/lib/facter
ssldir = $vardir/ssl
server = puppet.abc.com
dns_alt_names = puppet, puppet.abc.com
pluginsync = true
[agent]
classfile = $vardir/classes.txt
localconfig = $vardir/localconfig
[master]
templatedir = var/lib/puppet/templates
EDIT DUE TO COMMENTS
- Master is running
- Agent can contact master via hostname
- Agent CANNOT telnet to 8140 on master -- master is listening on 0.0.0.0:8140 with iptables and selinux off
- May 14 13:40:13 puppet-agent puppet-agent[25920]: (/File[/var/lib/puppet/lib]) Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed May 14 13:40:13 puppet-agent puppet-agent[25920]: (/File[/var/lib/puppet/lib]) Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed Could not retrieve file metadata for puppet://puppet.abc.com/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed May 14 13:40:14 puppet-agent puppet-agent[25920]: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
- puppet agent --test yields: dnsdomainname: Unknown host info: Retrieving plugin err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed err: /File[/var/lib/puppet/lib]: Could not evaluate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed Could not retrieve file metadata for puppet://puppet.abc.com/plugins: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed dnsdomainname: Unknown host err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed warning: Not using cache on failed catalog err: Could not retrieve catalog; skipping run May 14 13:40:14 puppet-agent puppet-agent[25920]: Using cached catalog
- netstat produces ruby/puppet in a LISTEN state and the agent in a TIME_WAIT
