Puppet 4.3.2 客户端节点无法通过 SSL 连接到 Puppet 服务器
Puppet 4.3.2 client node unable to connect via SSL to Puppet Server
我刚刚按照 the guide in the official docs 对我所有的 Puppet 认证进行了彻底的重新生成。
但是,我在 Google、SO 和其他任何地方似乎都没有好的线索时遇到了这个错误。
[vagrant@client puppet]$ hostname
client.example.com
[vagrant@client puppet]$ puppet --version
4.3.2
[vagrant@client puppet]$ sudo puppet config print vardir ssldir
vardir = /var/opt/puppetlabs/puppetserver
ssldir = /var/opt/puppetlabs/puppetserver/ssl
[vagrant@client puppet]$ sudo puppet agent --test --server=puppet.example.com
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Info: Retrieving pluginfacts
Error: /File[/var/opt/puppetlabs/puppetserver/facts.d]: Failed to generate additional resources using 'eval_generate': Connection reset by peer - SSL_connect
Error: /File[/var/opt/puppetlabs/puppetserver/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Info: Retrieving plugin
Error: /File[/var/opt/puppetlabs/puppetserver/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Error: /File[/var/opt/puppetlabs/puppetserver/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Error: Could not retrieve catalog from remote server: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
这个 ,但对于 Ruby 中的通用 SSL,我不确定如何更改 Puppet 的密码(不要认为它已启用)。
This post seems to suggest it may be Apache's fault,但我不认为我在使用 Apache。
有什么想法吗?
我运行遇到了同样的问题。
使用以下命令检查代理上的 ssl 目录:
sudo puppet config print ssldir
您的 ssl 目录可能不在 /etc/puppetlabs/puppet/ssl 中,但可能在 /opt/puppetlabs 下。从此目录中删除您的证书(或整个目录),然后执行另一个 puppet 运行.
我刚刚按照 the guide in the official docs 对我所有的 Puppet 认证进行了彻底的重新生成。
但是,我在 Google、SO 和其他任何地方似乎都没有好的线索时遇到了这个错误。
[vagrant@client puppet]$ hostname
client.example.com
[vagrant@client puppet]$ puppet --version
4.3.2
[vagrant@client puppet]$ sudo puppet config print vardir ssldir
vardir = /var/opt/puppetlabs/puppetserver
ssldir = /var/opt/puppetlabs/puppetserver/ssl
[vagrant@client puppet]$ sudo puppet agent --test --server=puppet.example.com
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Info: Retrieving pluginfacts
Error: /File[/var/opt/puppetlabs/puppetserver/facts.d]: Failed to generate additional resources using 'eval_generate': Connection reset by peer - SSL_connect
Error: /File[/var/opt/puppetlabs/puppetserver/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Info: Retrieving plugin
Error: /File[/var/opt/puppetlabs/puppetserver/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Error: /File[/var/opt/puppetlabs/puppetserver/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Error: Could not retrieve catalog from remote server: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
这个
This post seems to suggest it may be Apache's fault,但我不认为我在使用 Apache。
有什么想法吗?
我运行遇到了同样的问题。
使用以下命令检查代理上的 ssl 目录:
sudo puppet config print ssldir
您的 ssl 目录可能不在 /etc/puppetlabs/puppet/ssl 中,但可能在 /opt/puppetlabs 下。从此目录中删除您的证书(或整个目录),然后执行另一个 puppet 运行.