Puppet: Error in generating new certificates when a new puppet master is created.

0 votes

After creating a new Puppet Master to upgrade to Puppet6, I executed the following inorder to clear old certificates.

rm -rf /etc/puppetlabs/puppet/ssl

After pointing the old client at the new master, the client cannot generate new certificates.

Here's the Error that i am getting:

Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN={server FQDN}]
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN={server FQDN}]
Aug 29 in Puppet by Nizzy
13 views

1 answer to this question.

0 votes

A new certificate has to be generated on the client end so that it can be signed by the new puppetmaster, hence the existing certificates have to be deleted on the client side:

rm -rf /var/lib/puppet/ssl

On the server-side

puppetserver ca clean --certname <hostname_of_client>
rm -rf /opt/puppetlabs/puppet/ssl

Try deleting the ssl folder on the puppet client and try again:

 puppet agent --waitforcert 60 --test
answered Aug 29 by Sirajul
• 25,420 points

Related Questions In Puppet

0 votes
1 answer

Is it possible to install puppet agent in a docker container on linux?

Hey @Janice, this is pretty simple. Create ...READ MORE

answered Mar 12 in Puppet by Jason
109 views
0 votes
1 answer

Error: PuppetDB is running but Puppet Master can't reach it.

If PuppetDB is running but the Puppet ...READ MORE

answered Jul 31 in Puppet by Sirajul
• 25,420 points
24 views
0 votes
1 answer

Is there a provision of on failure ability in puppet?

Not a built-in one, no.  They do log failures, of ...READ MORE

answered Aug 6 in Puppet by Sirajul
• 25,420 points
21 views
0 votes
1 answer
+13 votes
2 answers

Git management technique when there are multiple customers and need multiple customization?

Consider this - In 'extended' Git-Flow, (Git-Multi-Flow, ...READ MORE

answered Mar 26, 2018 in DevOps & Agile by DragonLord999
• 8,380 points
148 views
0 votes
1 answer
0 votes
1 answer
0 votes
1 answer