December 19, 2014

Puppet – Certificates troubleshooting

useful link:


You can find all my latest posts on medium.

If you get the following message:

Error: Could not request certificate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed:

When you get this error message, try the following:

1. locate the puppetmaster’s ssl file:

puppet config print ssldir

2. Delete the ssl directory:

rm -rf ssl/

3. Restart the puppetmaster service:

service puppetmaster restart

4. On the puppet agent, then run:

puppet agent -t --trace -debug

This should work now.

The reason this problem occured is because the agent tried to contact a master with a particular ssl. It is bit like the puppetmaster signing the certificate with the wrong signature to the one the master is expecting from the agent requests.

See also: