Getting certificate errors with external CA
Having a devil of a time getting the external CA environment setup. I have all the certs in place and have updated the puppet.conf and puppetmaster.conf appropriately (or so I believe). We are running in a Rack/Passenger environment. I am receiving the following error when I connect from the command line, which is similar to what I'm seeing in the console.:
openssl sclient -host xx.xx.xx.xx -port 443 -cert /etc/puppetlabs/puppet/ssl/certs/puppetmaster.pem -key /etc/puppetlabs /puppet/ssl/privatekeys/puppetmaster.pem -CAfile /etc/puppetlabs/puppet/ssl/certs/ca_bundle.pem
140569446258504:error:14094416:SSL routines:SSL3READBYTES:sslv3 alert certificate unknown:s3pkt.c:1256:SSL alert number 46 140569446258504:error:140790E5:SSL routines:SSL23WRITE:ssl handshake failure:s23_lib.c:177:
So seemingly something is wrong with my certs.
Has anyone tried to setup with an external CA? Any ideas about this error.