I got this error message even though all the certificates were automatically signed:
it seems like ‘autosign’ config file under ‘/etc/puppetlabs/puppet’ is not configured properly on puppet master i.e Jump Server
I configured autosign to be true in the puppet.conf file and updated the /etc/hosts files on each host with the dns entries puppet and puppet.stratos.xfusioncorp.com appended to the jump host line.
Hello guys,
any ideas why only stapp03 agent is not getting the certs:
[root@stapp03 ~]# puppet agent -t
Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for stapp03.stratos.xfusioncorp.com
Info: Certificate Request fingerprint (SHA256): 28:66:E5:3E:CE:B8:82:2C:14:46:BC:93:B0:09:DF:F1:BD:A8:AC:DE:09:83:F1:49:1E:93:EC:E2:98:8F:32:D3
Info: Downloaded certificate for stapp03.stratos.xfusioncorp.com from https://puppet:8140/puppet-ca/v1
Error: The certificate for ‘CN=stapp03.stratos.xfusioncorp.com’ does not match its private key
Error: Could not run: The certificate for ‘CN=stapp03.stratos.xfusioncorp.com’ does not match its private key
yes both were configured properly. I managed to fix the issue, but the tasks was really glitchy. I tried couple of times, always same config, for some weird reasons one server wasn’t getting it properly. last time I tried same config everything worked.
Thanks @Inderpreet . Will you kindly restore the bonus points as well for the same task as I completed it within 12min. Thank you once again for your response
Hi @balu.networks7 , @Tej-Singh-Rana ,@inderpreet for the host entries on master and the app servers , do you just add the alias as puppet to the existing jump host entries as below or On master /etc/hosts: