Error retrieving certificates: Server Error

asked 2015-11-18 16:03:28 -0500

SteveK gravatar image

Here's another newbie issue. Earlier this month, I had problems with my agents communicating with the master. With help received on this forum, I was able to get past that problem (firewall related).

The master is "CentOS Linux release 7.1.1503". On the master, puppet status reports "is_alive" :true, "version": "4.2.2"

From the console, when I look at "Configuration -> Reports", I see that no runs have occurred since Nov. 11. When I select "Nodes -> Inventory", in a red banner at the top of the page, I see "Error retrieving certificates: Server Error". This "feels" like another firewall issue, so I attempted to verify by issuing systemctl stop firewalld. That didn't help.

Any ideas on how to get past this will be greatly appreciated.

edit retag flag offensive close merge delete

Comments

Where should I look for (hopefully) relevant logs?

SteveK gravatar imageSteveK ( 2015-11-19 15:37:49 -0500 )edit

Are you able to run the agent successfully on your nodes? Can you verify that you have processes on your master listening to ports 8140 and 5432 and that you have a puppetdb process running?

GregLarkin gravatar imageGregLarkin ( 2015-11-19 20:06:40 -0500 )edit

No, recall that you steered me in the right direction with getting the agents to run. And, the agents were running until Nov. 11. I can't even get the agent that runs on the master to behave. firewall-cmd --list-all shows public ports: 3389/tcp 8140/tcp nothing for port 5432 ~11 postgres procs

SteveK gravatar imageSteveK ( 2015-11-20 08:59:21 -0500 )edit

Does that command show the list of open ports or if they actually have listeners on them? I normally do "netstat -anp | grep 8140" or "grep 5432" to see if a process is listening on the port. What does "service pe-puppetdb status" say? I'm not CentOS 7 fluent, so you'll have to adjust the command.

GregLarkin gravatar imageGregLarkin ( 2015-11-20 16:48:21 -0500 )edit

netstat -anp | grep '8140' tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN 7939/postgres tcp 0 0 10.95.33.79:5432 10.95.33.79:33271 ESTABLISHED 9559/postgres: pe-p etc...

SteveK gravatar imageSteveK ( 2015-11-23 10:01:12 -0500 )edit