Ask Your Question
1

Could not retrieve facts from inventory service: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked

asked 2014-01-17 06:13:43 -0600

priatm gravatar image

updated 2014-01-25 02:59:52 -0600

doc75 gravatar image

I can see following error in puppet Enterprise Console::

Could not retrieve facts from inventory service: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked

Also I followed following steps::

  1. I ran puppet agent -t on Windows puppet Enterprise client.
  2. I ran puppet cert list and sign client certificate from master.
  3. Again I ran puppet agent -t

but I am getting following error on console :

Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed ...
(more)
edit retag flag offensive close merge delete

5 Answers

Sort by ยป oldest newest most voted
1

answered 2014-01-23 18:25:47 -0600

Stefan gravatar image

Is learn.localdomain your puppet master or puppet agent?

It looks like you've also ran puppet cert clean because puppet says the certificate has been revoked. If you've signed the certificate please run puppet cert list --all. It should list the fqdn of your puppet agent with a + in front of it (outstanding certificate request do not have a + sign in front of it, signed certificates do). Then run puppet agent --configprint certname on your agent to check that the certificate that the agent expects is the same you just signed on your master.

edit flag offensive delete link more
0

answered 2015-07-09 11:28:16 -0600

kartikv gravatar image

I am using the PE trial edition - 10 client licenses. I got this working by: 1)Blowing away the operating system. 2)Using 6 cores and 32GB of RAM 3)Reinstalling PE trial edition.

Thanks to all those who helped.

edit flag offensive delete link more
0

answered 2016-11-28 05:25:05 -0600

Nadeem gravatar image

To be sure the certificates are completely removed on the puppetmaster I explicitly cleaned them again [root@master ~]#puppet cert -c hostname

In Agent:- Looking for the directory where those certificates are stored [root@agent ~]# puppet config print | grep certdir [root@agent ~]# rm /var/lib/puppet/ssl -rf Once the certificates are completely removed on the master and the client we have to regenerate them from the agent using the puppet daemon [root@agent ~]# puppet agent --test

***ENJOY* IT WILL WORK****

edit flag offensive delete link more
0

answered 2014-05-02 12:39:01 -0600

melango gravatar image

This issue may happen even if the agent and master clocks are not synchronized.

edit flag offensive delete link more
0

answered 2014-03-13 00:19:01 -0600

Toky gravatar image

I had the same issue but the host is my pe-console host. I noticed it had multple Certs. I thought if I removed the certs from the agent host and the puppet master it would get recreated once I restarted the agent but i still get the same error:

puppet agent --test

Error: Failed to apply catalog: SSLconnect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked Mar 13 00:43:06 awslxpuptwbed01 puppet-agent[3348]: Failed to apply catalog: SSLconnect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 ...

(more)
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

2 followers

Stats

Asked: 2014-01-17 06:13:43 -0600

Seen: 7,163 times

Last updated: Jul 09 '15