lollercoaster

Reputation: 16493

Puppet 4.3.2 client node unable to connect via SSL to Puppet Server

I have just done a clean regeneration of all my Puppet certifications as per the guide in the official docs.

However, I encounter this error with seemingly no good leads on Google, SO, nor anywhere else.

[vagrant@client puppet]$ hostname
client.example.com

[vagrant@client puppet]$ puppet --version
4.3.2

[vagrant@client puppet]$ sudo puppet config print vardir ssldir
vardir = /var/opt/puppetlabs/puppetserver
ssldir = /var/opt/puppetlabs/puppetserver/ssl

[vagrant@client puppet]$ sudo puppet agent --test --server=puppet.example.com
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Info: Retrieving pluginfacts
Error: /File[/var/opt/puppetlabs/puppetserver/facts.d]: Failed to generate additional resources using 'eval_generate': Connection reset by peer - SSL_connect
Error: /File[/var/opt/puppetlabs/puppetserver/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Info: Retrieving plugin
Error: /File[/var/opt/puppetlabs/puppetserver/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Error: /File[/var/opt/puppetlabs/puppetserver/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Error: Could not retrieve catalog from remote server: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect SYSCALL returned=5 errno=0 state=unknown state

This is a similar error, but for general SSL in Ruby, and I'm not sure how to change the cipher for Puppet (don't think it is enabled).

This post seems to suggest it may be Apache's fault, but I don't think I'm using Apache.

Any ideas?

Upvotes: 5

Views: 6293

Answers (1)

Luke

Reputation: 156

I ran into the same problem.

Check your ssl directory on the agent with the command:

sudo puppet config print ssldir

Your ssl directory is probably not in /etc/puppetlabs/puppet/ssl, but probably under /opt/puppetlabs. Remove your certificate (or the entire catalog) from this directory and then perform another puppet run.

Upvotes: 4
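
The following script is an added example, not part of the original question or answer: before removing anything from the agent's ssldir, it checks whether the CA certificate and agent certificate stored there still match the CA the server uses after a regeneration. It assumes the usual agent layout (`certs/ca.pem` and `certs/<certname>.pem` under the ssldir) and a copy of the server's current CA certificate obtained out of band; `check_agent_ssldir` and the file paths in the usage comment are hypothetical names.

```shell
#!/bin/sh
# Added example, not from the original post. check_agent_ssldir is a hypothetical helper.
# Assumes the agent layout $ssldir/certs/ca.pem and $ssldir/certs/<certname>.pem.
# $3 is a copy of the CA certificate the server uses now, fetched out of band.

fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null
}

# Returns: 0 consistent, 1 cached CA differs from the server CA,
#          2 agent cert not issued by the server CA,
#          3 server CA copy missing, 4 no agent cert in the ssldir
check_agent_ssldir() {
    ssldir=$1; certname=$2; server_ca=$3
    cached_ca="$ssldir/certs/ca.pem"
    agent_cert="$ssldir/certs/$certname.pem"

    [ -f "$server_ca" ] || { echo "missing server CA copy: $server_ca"; return 3; }
    if [ ! -f "$agent_cert" ]; then
        echo "no agent certificate in $ssldir; nothing stale to remove"
        return 4
    fi
    # A CA cached before the regeneration no longer matches the server's CA.
    if [ -f "$cached_ca" ] &&
       [ "$(fingerprint "$cached_ca")" != "$(fingerprint "$server_ca")" ]; then
        echo "stale: cached CA in $ssldir differs from the server's current CA"
        return 1
    fi
    # The agent certificate must chain to the CA the server uses now.
    if ! openssl verify -CAfile "$server_ca" "$agent_cert" >/dev/null 2>&1; then
        echo "stale: $agent_cert was not issued by the server's current CA"
        return 2
    fi
    echo "ok: $ssldir matches the server's current CA"
    return 0
}

# Runs only when three arguments are given, for example:
#   sudo sh check.sh "$(puppet config print ssldir)" client.example.com /tmp/server-ca.pem
if [ "$#" -eq 3 ]; then
    check_agent_ssldir "$1" "$2" "$3"
fi
```

A result of 1 or 2 means the directory still holds material from before the regeneration, which is the case the answer's removal step addresses.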
