Getting certificate errors with external CA

asked 2014-06-11 13:42:30 -0500

msirbaug gravatar image

updated 2014-06-11 13:44:26 -0500

Having a devil of a time getting the external CA environment setup. I have all the certs in place and have updated the puppet.conf and puppetmaster.conf appropriately (or so I believe). We are running in a Rack/Passenger environment. I am receiving the following error when I connect from the command line, which is similar to what I'm seeing in the console.:

openssl sclient -host xx.xx.xx.xx -port 443 -cert /etc/puppetlabs/puppet/ssl/certs/puppetmaster.pem -key /etc/puppetlabs /puppet/ssl/privatekeys/puppetmaster.pem -CAfile /etc/puppetlabs/puppet/ssl/certs/ca_bundle.pem

140569446258504:error:14094416:SSL routines:SSL3READBYTES:sslv3 alert certificate unknown:s3pkt.c:1256:SSL alert number 46 140569446258504:error:140790E5:SSL routines:SSL23WRITE:ssl handshake failure:s23_lib.c:177:

So seemingly something is wrong with my certs.

Has anyone tried to setup with an external CA? Any ideas about this error.

thx tons!

edit retag flag offensive close merge delete