Hello Morgan, If you are refferring to the cert being in the conf/ssl/certs folder, then yes, our.puppet.domain.pem is in the folder. When running the 'puppet cert list --all' I see three certificates (in the SHA256 format):
- computername.our.puppet.domain - our.puppet.domain - servername.our.puppet.domain If it is a DNS issue, do I have to likely change something from the docker-compose side? On Thursday, October 18, 2018 at 2:14:54 PM UTC-7, Morgan Rhodes wrote: > > Hi Rohit, > > Is the hostname from `/CN=our.puppet.domain` showing up in your > puppetserver's certificate? You can verify that with `puppet cert list > --all` on the puppetserver container. This looks like a DNS issue. > > On Thursday, October 18, 2018 at 11:41:16 AM UTC-7, Rohit wrote: >> >> Hello, we currently have a puppet docker container setup and are >> experiencing certificate issues. Basically, in our docker setup (on our >> main server) I had generated and signed new certificates, but the puppet_db >> container keeps restarting. Here are logs from the puppet_db container: >> >> ‘Error: Could not retrieve catalog from remote server: SSL_connect >> returned=1 errno=0 state=error: certificate verify failed: [unable to get >> local issuer certificate for /CN=our.puppet.domain] >> Error: Could not retrieve catalog; skipping run >> Error: Could not send report: SSL_connect returned=1 errno=0 >> state=error: certificate verify failed: [unable to get local issuer >> certificate for /CN=our.puppet.domain]’ >> >> I have tried series of steps to solve this problem as it looks like >> Puppet is not functioning correctly as our servers are not properly >> listening to the host server. Any idea what I can do to solve this problem? >> For reference, we are running Puppet_DB version 4.2 and Puppet Server >> version 2.7.2, all of which is set up on a docker container environment on >> one server. >> > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/899d2bf7-ceed-4d9e-bd24-c4ba2cc93928%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
