Puppet Error in generating new certificates when a new puppet master is created

0 votes

After creating a new Puppet Master to upgrade to Puppet6, I executed the following inorder to clear old certificates.

rm -rf /etc/puppetlabs/puppet/ssl

After pointing the old client at the new master, the client cannot generate new certificates.

Here's the Error that i am getting:

Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN={server FQDN}]
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN={server FQDN}]
Aug 29, 2019 in Puppet by Nizzy
7,409 views

1 answer to this question.

0 votes

A new certificate has to be generated on the client end so that it can be signed by the new puppetmaster, hence the existing certificates have to be deleted on the client side:

rm -rf /var/lib/puppet/ssl

On the server-side

puppetserver ca clean --certname <hostname_of_client>
rm -rf /opt/puppetlabs/puppet/ssl

Try deleting the ssl folder on the puppet client and try again:

 puppet agent --waitforcert 60 --test
answered Aug 29, 2019 by Sirajul
• 59,230 points

Related Questions In Puppet

0 votes
1 answer

Is it possible to install puppet agent in a docker container on linux?

Hey @Janice, this is pretty simple. Create ...READ MORE

answered Mar 12, 2019 in Puppet by Jason
1,482 views
0 votes
1 answer

Error: PuppetDB is running but Puppet Master can't reach it.

If PuppetDB is running but the Puppet ...READ MORE

answered Jul 31, 2019 in Puppet by Sirajul
• 59,230 points
1,069 views
0 votes
1 answer

Is there a provision of on failure ability in puppet?

Not a built-in one, no.  They do log failures, of ...READ MORE

answered Aug 6, 2019 in Puppet by Sirajul
• 59,230 points
572 views
0 votes
1 answer

Puppet+Kubernetes: Is there a way to create resources in Kubernetes using Puppet?

Yes, it is quite possible to create ...READ MORE

answered Aug 23, 2019 in Puppet by Sirajul
• 59,230 points
939 views
+15 votes
2 answers

Git management technique when there are multiple customers and need multiple customization?

Consider this - In 'extended' Git-Flow, (Git-Multi-Flow, ...READ MORE

answered Mar 27, 2018 in DevOps & Agile by DragonLord999
• 8,450 points
3,954 views
+2 votes
1 answer
0 votes
1 answer
0 votes
1 answer
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP