How to seperate the CA server from Master (basic setup)?Can any puppet agent get any puppet file from the...
Alternative to sending password over mail?
How is it possible to have an ability score that is less than 3?
Why is consensus so controversial in Britain?
Brothers & sisters
How can I make my BBEG immortal short of making them a Lich or Vampire?
What mechanic is there to disable a threat instead of killing it?
Facing a paradox: Earnshaw's theorem in one dimension
Assassin's bullet with mercury
Stopping power of mountain vs road bike
Why do bosons tend to occupy the same state?
Can I ask the recruiters in my resume to put the reason why I am rejected?
Why doesn't H₄O²⁺ exist?
Modeling an IP Address
What killed these X2 caps?
How can saying a song's name be a copyright violation?
Is "remove commented out code" correct English?
Is it unprofessional to ask if a job posting on GlassDoor is real?
Is it inappropriate for a student to attend their mentor's dissertation defense?
Why do I get two different answers for this counting problem?
Why doesn't using multiple commands with a || or && conditional work?
Forgetting the musical notes while performing in concert
Emailing HOD to enhance faculty application
Why does Arabsat 6A need a Falcon Heavy to launch
If human space travel is limited by the G force vulnerability, is there a way to counter G forces?
How to seperate the CA server from Master (basic setup)?
Can any puppet agent get any puppet file from the master?puppet not signing cert or getting new requestsPuppet using /var/lib/puppet/.puppet/ as default config dirPuppet server hostname does not match certificate - can't authenticate. How to disable puppet authentication?puppet node keeps adding itself to the masterSetup a non-CA Puppet MasterPuppet Master doesn't get certificate request from agentPuppet Device unable to get local issuer certificateHow to identify which Puppet master was used in an agent run?Generating and signing certificates in puppet version 5
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
I followed Centralize the Certificate Authority guide to seperate my ca
from the master
however I'm running into trouble.
My Setup
Hosts file
I have the following in the /etc/hosts
file on all hosts:
192.168.33.11 puppetcaserver
192.168.33.10 puppet
Puppet Master config
[main]
ca_server = puppetcaserver
[master]
ca = false
Puppet CA config
[master]
ca = true
Agent
[master]
ca_server = puppetcaserver
server = puppet
I can successfully start the CA. The puppet master fails with:
Error: Could not run: Could not retrieve certificate for centos65-box-1 and not running on a valid certificate authority
Full debug logs here
Puppet version used: 3.7.3
Can someone please highlight what the issue is? Thanks.
puppet puppetmaster
bumped to the homepage by Community♦ 7 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
I followed Centralize the Certificate Authority guide to seperate my ca
from the master
however I'm running into trouble.
My Setup
Hosts file
I have the following in the /etc/hosts
file on all hosts:
192.168.33.11 puppetcaserver
192.168.33.10 puppet
Puppet Master config
[main]
ca_server = puppetcaserver
[master]
ca = false
Puppet CA config
[master]
ca = true
Agent
[master]
ca_server = puppetcaserver
server = puppet
I can successfully start the CA. The puppet master fails with:
Error: Could not run: Could not retrieve certificate for centos65-box-1 and not running on a valid certificate authority
Full debug logs here
Puppet version used: 3.7.3
Can someone please highlight what the issue is? Thanks.
puppet puppetmaster
bumped to the homepage by Community♦ 7 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
I followed Centralize the Certificate Authority guide to seperate my ca
from the master
however I'm running into trouble.
My Setup
Hosts file
I have the following in the /etc/hosts
file on all hosts:
192.168.33.11 puppetcaserver
192.168.33.10 puppet
Puppet Master config
[main]
ca_server = puppetcaserver
[master]
ca = false
Puppet CA config
[master]
ca = true
Agent
[master]
ca_server = puppetcaserver
server = puppet
I can successfully start the CA. The puppet master fails with:
Error: Could not run: Could not retrieve certificate for centos65-box-1 and not running on a valid certificate authority
Full debug logs here
Puppet version used: 3.7.3
Can someone please highlight what the issue is? Thanks.
puppet puppetmaster
I followed Centralize the Certificate Authority guide to seperate my ca
from the master
however I'm running into trouble.
My Setup
Hosts file
I have the following in the /etc/hosts
file on all hosts:
192.168.33.11 puppetcaserver
192.168.33.10 puppet
Puppet Master config
[main]
ca_server = puppetcaserver
[master]
ca = false
Puppet CA config
[master]
ca = true
Agent
[master]
ca_server = puppetcaserver
server = puppet
I can successfully start the CA. The puppet master fails with:
Error: Could not run: Could not retrieve certificate for centos65-box-1 and not running on a valid certificate authority
Full debug logs here
Puppet version used: 3.7.3
Can someone please highlight what the issue is? Thanks.
puppet puppetmaster
puppet puppetmaster
asked Nov 16 '14 at 1:05
kaizenCoderkaizenCoder
223420
223420
bumped to the homepage by Community♦ 7 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ 7 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
On the agent machine, it does not make sense to specify options in the [master]
section of puppet.conf
. The [agent]
section is eligible, but to keep it simple, just stick to the [main]
section.
[main]
ca_server = puppetcaserver
server = puppet
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f644673%2fhow-to-seperate-the-ca-server-from-master-basic-setup%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
On the agent machine, it does not make sense to specify options in the [master]
section of puppet.conf
. The [agent]
section is eligible, but to keep it simple, just stick to the [main]
section.
[main]
ca_server = puppetcaserver
server = puppet
add a comment |
On the agent machine, it does not make sense to specify options in the [master]
section of puppet.conf
. The [agent]
section is eligible, but to keep it simple, just stick to the [main]
section.
[main]
ca_server = puppetcaserver
server = puppet
add a comment |
On the agent machine, it does not make sense to specify options in the [master]
section of puppet.conf
. The [agent]
section is eligible, but to keep it simple, just stick to the [main]
section.
[main]
ca_server = puppetcaserver
server = puppet
On the agent machine, it does not make sense to specify options in the [master]
section of puppet.conf
. The [agent]
section is eligible, but to keep it simple, just stick to the [main]
section.
[main]
ca_server = puppetcaserver
server = puppet
answered Nov 17 '14 at 17:45
Felix FrankFelix Frank
2,87511021
2,87511021
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f644673%2fhow-to-seperate-the-ca-server-from-master-basic-setup%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown