-->

DEVOPSZONES

DEVOPSZONES

    • Recent blogs

    puppet-agent[21365]: Could not request certificate: execution expired

    Monday, April 11, 2016 0

    puppet-agent[21365]: Could not request certificate: execution expired



    Issue:
    Not able register Puppet client to Puppet Server.

    Troubleshooting & Solution :
    Tried Generating certificate for testserver01 on Puppet server. No Success
    [root@puppet01 ~]# puppet cert --generate testserver01
    Error: testserver01 already has a requested certificate; ignoring certificate request
    Tried Revoking certificate for testserver01 on Puppet server. No Success
    [root@puppet01 ~]# puppet cert --revoke testserver01
    Error: Could not find a serial number for testserver01
    Checked certificate for testserver01 on Puppet server. No Success
    [root@testserver01 puppet]# puppet config print certname
    testserver01
    tried cleaning  certificate for testserver01 on Puppet server. No Success
    [root@puppet01 ~]# puppet cert --clean testserver01
    Error: Could not find a serial number for testserver01
    [root@puppet01 ~]#
    tried cleaning  Node (testserver01) on Puppet server. Finally Succeeded
    [root@puppet01 ~]# puppet node clean testserver01
    Notice: Removing file Puppet::SSL::CertificateRequest testserver01 at '/var/lib/puppet/ssl/ca/requests/testserver01.pem'
    Notice: Removing file Puppet::SSL::CertificateRequest testserver01 at '/var/lib/puppet/ssl/certificate_requests/testserver01.pem'
    Notice: Removing file Puppet::SSL::Key testserver01 at '/var/lib/puppet/ssl/private_keys/testserver01.pem'
    testserver01
    [root@puppet01 ~]#
    Remove the SSL directory at client Side.
    Client:testserver01
    rm -rf /var/lib/puppet/ssl

    Generated Puppet certificate and register Puppet Client:
    [root@testserver01 puppet]# puppet agent  --server puppet01.ori --waitforcert 60 --test
    Info: Creating a new SSL key for testserver01
    Info: Caching certificate for ca
    Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
    Info: Creating a new SSL certificate request for testserver01
    Info: Certificate Request fingerprint (SHA256): < .....>
    *********AT THIS POINT SIGN THE CERT IN SERVER******************
    Info: Caching certificate for ca
    Notice: Did not receive certificate
    Info: Caching certificate for testserver01
    Notice: Ignoring --listen on onetime run
    Info: Caching certificate_revocation_list for ca
    Info: Retrieving pluginfacts
    Info: Retrieving plugin
    Info: Caching catalog for testserver01
    Info: Applying configuration version '1442380272'
    Notice: Finished catalog run in 0.15 seconds
    You have new mail in /var/spool/mail/root
    [root@testserver01 puppet]#


    Server ..puppet01
    [root@puppet01 ~]# puppet cert --sign testserver01
    Notice: Signed certificate request for testserver01
    Notice: Removing file Puppet::SSL::CertificateRequest testserver01 at '/var/lib/puppet/ssl/ca/requests/testserver01.pem'
    [root@puppet01 ~]#
    Tags:
    Author Image

    About Manas Ranjan Tripathy

    No comments

    Subscribe to: Post Comments ( Atom )