Ask Your Question
0

Puppet server disable "webserver" because i am using apache

asked 2018-02-21 08:39:13 -0500

Cosmin gravatar image

Hello ,

OS : centos 7.4.1708 , kernel 3.10.0-693.5.2.el7.x86_64

Puppetserver : puppetserver-1.2.0-1.el7.noarch, puppet version : 3.8.7

I have a vhost on apache to handle the requests on port 8140 , but this puppet server keeps wanting to listen to port 8140 too , and if i delete "/etc/puppetserver/conf.d/webserver.conf" then i get other sorts of errors , like ssl-host and ssl-port not set or whatever .

How can i disable the "webserver" and let know puppet that i already have apache listenintg on 8140 with passenger module setup ?

Best Regards .

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-02-21 12:11:32 -0500

Cosmin gravatar image

Ok no need to answer , i have already found the problem myself .

Now I have installed a puppet agent , and am configuring it for he 1st time with :

[root@c6a ~]# puppet agent --no-daemonize --verbose --onetime   
Info: Creating a new SSL key for c6a.default
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for c6a.default
Info: Certificate Request fingerprint (SHA256): F6:42:E9:FC:6A:7B:1F:E8:A8:2B:3F:AF:68:3D:AD:5D:B1:8C:A8:38:0E:3D:30:97:82:4D:C0:7D:DA:BD:23:DD
Info: Caching certificate for ca
Exiting; no certificate found and waitforcert is disabled
[root@c6a ~]#

While on the server, the apache log file "/var/log/httpd/access_log" ( note : this is the only file that is getting updated when i run the command on the agent ) i get :

192.168.122.20 - - [21/Feb/2018:12:54:00 -0500] "GET /production/certificate/ca?fail_on_404=true HTTP/1.1" 200 1944 "-" "-"
192.168.122.20 - - [21/Feb/2018:12:54:00 -0500] "GET /production/certificate/c6a.default? HTTP/1.1" 404 49 "-" "-"
192.168.122.20 - - [21/Feb/2018:12:54:01 -0500] "GET /production/certificate_request/c6a.default? HTTP/1.1" 200 1586 "-" "-"
192.168.122.20 - - [21/Feb/2018:12:54:01 -0500] "GET /production/certificate/c6a.default? HTTP/1.1" 404 49 "-" "-"
192.168.122.20 - - [21/Feb/2018:12:54:02 -0500] "GET /production/certificate/ca?fail_on_404=true HTTP/1.1" 200 1944 "-" "-"
192.168.122.20 - - [21/Feb/2018:12:54:02 -0500] "GET /production/certificate/c6a.default? HTTP/1.1" 404 49 "-" "-"
192.168.122.20 - - [21/Feb/2018:12:54:02 -0500] "GET /production/certificate/c6a.default? HTTP/1.1" 404 49 "-" "-"
192.168.122.20 - - [21/Feb/2018:12:54:03 -0500] "GET /production/certificate/c6a.default? HTTP/1.1" 404 49 "-" "-"

And from what I see , the client is asking for the file path "/production/certificate/c6a.default" (relative to apache ) which obiously does not exist because it was not created .

Searching thru the folders of the server , I have found a certification file for "c6a" ( the agent ) at the path :

/var/lib/puppet/ssl/ca/requests/c6a.default.pem

I am bummed , what should i do , is it normal ? does it have to happend like that ? should I continue , or is it essential that i receive the file at path " /production/certificate/c6a.default" from the server ??

Regards .

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2018-02-21 08:39:13 -0500

Seen: 50 times

Last updated: Feb 21