I have experience using puppet, however I am new to setting puppet up as it
was already done for me in past environments. I am running into an issue
while trying to set puppet up for the first time on RHEL 6.4. I was hoping
y'all might be able to help me!
I get the following error from the puppet client's /var/log/messages log:
May 30 07:06:30 pclient puppet-agent[1458]: Creating a new SSL certificate
request for pclient
May 30 07:06:30 pclient puppet-agent[1458]: Certificate Request fingerprint
(SHA256):
62:1A:83:7D:DA:8B:A5:4B:14:D8:85:CF:D2:87:72:FA:88:9C:F5:88:46:28:3D:59:10:99:30:D8:50:9D:7A:2E
May 30 07:06:30 pclient puppet-agent[1458]: Could not request certificate:
Error 405 on SERVER: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
May 30 07:06:30 pclient puppet-agent[1458]: <html><head>
May 30 07:06:30 pclient puppet-agent[1458]: <title>405 Method Not
Allowed</title>
May 30 07:06:30 pclient puppet-agent[1458]: </head><body>
May 30 07:06:30 pclient puppet-agent[1458]: <h1>Method Not Allowed</h1>
May 30 07:06:30 pclient puppet-agent[1458]: <p>The requested method PUT is
not allowed for the URL /production/certificate_request/pclient.</p>
<...truncated...>
On the puppet master I get stuff like this in the apache logs:
[Thu May 30 07:05:45 2013] [error] [client 192.168.223.129] File does not
exist: /usr/share/puppet/rack/puppetmasterd/public/production/node
[Thu May 30 07:05:45 2013] [error] [client 192.168.223.129] File does not
exist: /usr/share/puppet/rack/puppetmasterd/public/production/file_metadatas
[Thu May 30 07:05:45 2013] [error] [client 192.168.223.129] File does not
exist: /usr/share/puppet/rack/puppetmasterd/public/production/file_metadata
[Thu May 30 07:05:45 2013] [error] [client 192.168.223.129] File does not
exist: /usr/share/puppet/rack/puppetmasterd/public/production/catalog
[Thu May 30 07:06:31 2013] [error] [client 192.168.223.131] File does not
exist: /usr/share/puppet/rack/puppetmasterd/public/production/certificate
[Thu May 30 07:06:31 2013] [error] [client 192.168.223.131] File does not
exist:
/usr/share/puppet/rack/puppetmasterd/public/production/certificate_request/pclient
Here is some relevant apache config info:
# Only allow high security cryptography. Alter if needed for
compatibility.
SSLProtocol All -SSLv2
SSLCipherSuite HIGH:!ADH:RC4+RSA:-MEDIUM:-LOW:-EXP
SSLCertificateFile
/var/lib/puppet/ssl/certs/pmaster.localdomain.pem
SSLCertificateKeyFile
/var/lib/puppet/ssl/private_keys/pmaster.localdomain.pem
SSLCertificateChainFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCACertificateFile /var/lib/puppet/ssl/ca/ca_crt.pem
SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
SSLVerifyClient optional
SSLVerifyDepth 1
SSLOptions +StdEnvVars +ExportCertData
DocumentRoot /usr/share/puppet/rack/puppetmasterd/public/
<Directory /usr/share/puppet/rack/puppetmasterd/>
Options None
AllowOverride None
Order Allow,Deny
Allow from All
</Directory>
Any ideas? I'm sure this is something VERY basic that I missed, but I keep
reading through the setup guide and coming up with nothing to try.
Most appreciated!
--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
