Puppet – Certificates troubleshooting

useful link:
https://docs.puppetlabs.com/puppet/3.7/reference/ssl_regenerate_certificates.html
http://gerrit.googlecode.com/svn/documentation/2.2.1/pgm-init.html

If you get the following message:

Error: Could not request certificate: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed:

When you get this error message, try the following:

1. locate the puppetmaster’s ssl file:

puppet config print ssldir

2. Delete the ssl directory:

rm -rf ssl/

3. Restart the puppetmaster service:

service puppetmaster restart

4. On the puppet agent, then run:

puppet agent -t --trace -debug

This should work now.

The reason this problem occured is because the agent tried to contact a master with a particular ssl. It is bit like the puppetmaster signing the certificate with the wrong signature to the one the master is expecting from the agent requests.

See also:

https://docs.puppetlabs.com/background/ssl/