Warning: Unable to fetch my node definition, but the agent run will continue: Warning: SSL_connect returned=1 errno=0 state=error: certificate verify failed

asked 2017-03-26 09:37:53 -0500

updated 2017-03-27 07:45:09 -0500

DarylW gravatar image

Hi I'm new to puppet.

puppet agent conf is:

[main]
certname = puppetcli.example.com
server = puppetserver.example.com
environment = production
runinterval = 1h
#[agent]
#server = puppetserver.example.com

puppet server conf is:

[master]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code
dns_alt_names = puppetserver.example.com,puppetserver
reports = puppetdb
storeconfigs_backend = puppetdb
storeconfigs = true
environment_timeout = unlimited

[main]
certname = puppetserver.example.com
server = puppetserver.example.com
environment = production
runinterval = 1h
strict_variables = true


[root@puppetserver ~]#

[root@puppetserver ~]# puppet cert list -all
+ "puppetcli.example.com"    (SHA256) 6F:2B:FA:0B:75:9A:59:CB:2C:50:FF:E8:86:7D:A6:36:7C:D5:2C:57:BB:A2:20:DE:F4:9B:A7:E2:BB:5E:60:E3
+ "puppetserver.example.com" (SHA256) A4:7D:45:97:A4:8B:28:8C:D4:D2:92:1C:C8:68:67:E5:4D:31:0D:69:92:DA:0B:FA:D1:07:12:4B:C3:DE:04:87 (alt names: "DNS:puppetserver", "DNS:puppetserver.example.com")
[root@puppetserver ~]#

But still I get error while running puppet agent -t

[root@puppetcli ~]# puppet agent -t
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppetserver.example.com]
Info: Retrieving pluginfacts
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppetserver.example.com]
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppetserver.example.com]
Info: Retrieving plugin
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppetserver.example.com]
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppetserver.example.com]
Error: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppetserver.example.com]
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=puppetserver.example.com]
edit retag flag offensive close merge delete

Comments

You need to replace puppetserver.example.com with the host name of your actual puppet master's.

Red Cricket gravatar imageRed Cricket ( 2017-03-26 18:42:04 -0500 )edit