Page MenuHomePhabricator

Error when decommissioning if Puppet cert clean hasn't been run on puppet-master

Authored By
madhuvishy
Aug 1 2016, 11:34 PM
Size
747 B
Referenced Files
None
Subscribers
None

Error when decommissioning if Puppet cert clean hasn't been run on puppet-master

madhuvishy@tools-worker-1010:~$ sudo puppet agent -tv
Error: Could not request certificate: The certificate retrieved from the master does not match the agent's private key.
Certificate fingerprint: 37:0A:78:07:F0:98:E6:8A:A1:5E:E9:1B:C1:A7:05:C4:D1:F6:7F:B7:54:63:E6:6A:40:0D:8A:BB:50:10:B0:46
To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate.
On the master:
puppet cert clean tools-worker-1010.tools.eqiad.wmflabs
On the agent:
1a. On most platforms: find /var/lib/puppet/ssl -name tools-worker-1010.tools.eqiad.wmflabs.pem -delete
1b. On Windows: del "/var/lib/puppet/ssl/tools-worker-1010.tools.eqiad.wmflabs.pem" /f
2. puppet agent -t

File Metadata

Mime Type
text/plain; charset=utf-8
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
3897830
Default Alt Text
Error when decommissioning if Puppet cert clean hasn't been run on puppet-master (747 B)

Event Timeline