How to seperate the CA server from Master (basic setup)?Can any puppet agent get any puppet file from the...

Alternative to sending password over mail?

How is it possible to have an ability score that is less than 3?

Why is consensus so controversial in Britain?

Brothers & sisters

How can I make my BBEG immortal short of making them a Lich or Vampire?

What mechanic is there to disable a threat instead of killing it?

Facing a paradox: Earnshaw's theorem in one dimension

Assassin's bullet with mercury

Stopping power of mountain vs road bike

Why do bosons tend to occupy the same state?

Can I ask the recruiters in my resume to put the reason why I am rejected?

Why doesn't H₄O²⁺ exist?

Modeling an IP Address

What killed these X2 caps?

How can saying a song's name be a copyright violation?

Is "remove commented out code" correct English?

Is it unprofessional to ask if a job posting on GlassDoor is real?

Is it inappropriate for a student to attend their mentor's dissertation defense?

Why do I get two different answers for this counting problem?

Why doesn't using multiple commands with a || or && conditional work?

Forgetting the musical notes while performing in concert

Emailing HOD to enhance faculty application

Why does Arabsat 6A need a Falcon Heavy to launch

If human space travel is limited by the G force vulnerability, is there a way to counter G forces?



How to seperate the CA server from Master (basic setup)?


Can any puppet agent get any puppet file from the master?puppet not signing cert or getting new requestsPuppet using /var/lib/puppet/.puppet/ as default config dirPuppet server hostname does not match certificate - can't authenticate. How to disable puppet authentication?puppet node keeps adding itself to the masterSetup a non-CA Puppet MasterPuppet Master doesn't get certificate request from agentPuppet Device unable to get local issuer certificateHow to identify which Puppet master was used in an agent run?Generating and signing certificates in puppet version 5






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}







0















I followed Centralize the Certificate Authority guide to seperate my ca from the master however I'm running into trouble.



My Setup



Hosts file



I have the following in the /etc/hosts file on all hosts:



192.168.33.11 puppetcaserver
192.168.33.10 puppet


Puppet Master config



[main]

ca_server = puppetcaserver

[master]
ca = false


Puppet CA config



[master]
ca = true


Agent



 [master]
ca_server = puppetcaserver
server = puppet


I can successfully start the CA. The puppet master fails with:



Error: Could not run: Could not retrieve certificate for centos65-box-1 and not running on a valid certificate authority


Full debug logs here



Puppet version used: 3.7.3



Can someone please highlight what the issue is? Thanks.










share|improve this question














bumped to the homepage by Community 7 mins ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.






















    0















    I followed Centralize the Certificate Authority guide to seperate my ca from the master however I'm running into trouble.



    My Setup



    Hosts file



    I have the following in the /etc/hosts file on all hosts:



    192.168.33.11 puppetcaserver
    192.168.33.10 puppet


    Puppet Master config



    [main]

    ca_server = puppetcaserver

    [master]
    ca = false


    Puppet CA config



    [master]
    ca = true


    Agent



     [master]
    ca_server = puppetcaserver
    server = puppet


    I can successfully start the CA. The puppet master fails with:



    Error: Could not run: Could not retrieve certificate for centos65-box-1 and not running on a valid certificate authority


    Full debug logs here



    Puppet version used: 3.7.3



    Can someone please highlight what the issue is? Thanks.










    share|improve this question














    bumped to the homepage by Community 7 mins ago


    This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.


















      0












      0








      0


      1






      I followed Centralize the Certificate Authority guide to seperate my ca from the master however I'm running into trouble.



      My Setup



      Hosts file



      I have the following in the /etc/hosts file on all hosts:



      192.168.33.11 puppetcaserver
      192.168.33.10 puppet


      Puppet Master config



      [main]

      ca_server = puppetcaserver

      [master]
      ca = false


      Puppet CA config



      [master]
      ca = true


      Agent



       [master]
      ca_server = puppetcaserver
      server = puppet


      I can successfully start the CA. The puppet master fails with:



      Error: Could not run: Could not retrieve certificate for centos65-box-1 and not running on a valid certificate authority


      Full debug logs here



      Puppet version used: 3.7.3



      Can someone please highlight what the issue is? Thanks.










      share|improve this question














      I followed Centralize the Certificate Authority guide to seperate my ca from the master however I'm running into trouble.



      My Setup



      Hosts file



      I have the following in the /etc/hosts file on all hosts:



      192.168.33.11 puppetcaserver
      192.168.33.10 puppet


      Puppet Master config



      [main]

      ca_server = puppetcaserver

      [master]
      ca = false


      Puppet CA config



      [master]
      ca = true


      Agent



       [master]
      ca_server = puppetcaserver
      server = puppet


      I can successfully start the CA. The puppet master fails with:



      Error: Could not run: Could not retrieve certificate for centos65-box-1 and not running on a valid certificate authority


      Full debug logs here



      Puppet version used: 3.7.3



      Can someone please highlight what the issue is? Thanks.







      puppet puppetmaster






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 16 '14 at 1:05









      kaizenCoderkaizenCoder

      223420




      223420





      bumped to the homepage by Community 7 mins ago


      This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.







      bumped to the homepage by Community 7 mins ago


      This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
























          1 Answer
          1






          active

          oldest

          votes


















          0














          On the agent machine, it does not make sense to specify options in the [master] section of puppet.conf. The [agent] section is eligible, but to keep it simple, just stick to the [main] section.



          [main]
          ca_server = puppetcaserver
          server = puppet





          share|improve this answer
























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "2"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f644673%2fhow-to-seperate-the-ca-server-from-master-basic-setup%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            0














            On the agent machine, it does not make sense to specify options in the [master] section of puppet.conf. The [agent] section is eligible, but to keep it simple, just stick to the [main] section.



            [main]
            ca_server = puppetcaserver
            server = puppet





            share|improve this answer




























              0














              On the agent machine, it does not make sense to specify options in the [master] section of puppet.conf. The [agent] section is eligible, but to keep it simple, just stick to the [main] section.



              [main]
              ca_server = puppetcaserver
              server = puppet





              share|improve this answer


























                0












                0








                0







                On the agent machine, it does not make sense to specify options in the [master] section of puppet.conf. The [agent] section is eligible, but to keep it simple, just stick to the [main] section.



                [main]
                ca_server = puppetcaserver
                server = puppet





                share|improve this answer













                On the agent machine, it does not make sense to specify options in the [master] section of puppet.conf. The [agent] section is eligible, but to keep it simple, just stick to the [main] section.



                [main]
                ca_server = puppetcaserver
                server = puppet






                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Nov 17 '14 at 17:45









                Felix FrankFelix Frank

                2,87511021




                2,87511021






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Server Fault!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f644673%2fhow-to-seperate-the-ca-server-from-master-basic-setup%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Фонтен-ла-Гаярд Зміст Демографія | Економіка | Посилання |...

                    Список ссавців Італії Природоохоронні статуси | Список |...

                    Маріан Котлеба Зміст Життєпис | Політичні погляди |...