Hi Jesus, On Thu, Nov 22, 2018 at 6:44 AM Jesús Oliván <[email protected]> wrote:
> Hi! > > i'm experimenting a weird issue at random times when some clients are > trying to sign his certificate in their puppet masters. Here's the log > lines where error is visible: > > Info: Creating a new SSL key for pro-front-xxxx.xxx > Info: csr_attributes file loading from > /etc/puppetlabs/puppet/csr_attributes.yaml > Info: Creating a new SSL certificate request for pro-front-xxxx.xxx > Info: Certificate Request fingerprint (SHA256): > 8D:FD:25:92:06:09:D1:38:B0:74:40:28:A6:C3:5C:B4:39:6D:81:EC:97:90:67:6B:45:39:DD:7A:EC:E3:F5:F6 > Error: Could not request certificate: Error 500 on SERVER: Internal Server > Error: java.lang.NumberFormatException: For input string: "" > > > And this is the output on the same stage of another node that is working > fine with the same role/config: > > Info: Creating a new SSL key for pro-front-xxxx.xxx > Info: csr_attributes file loading from > /etc/puppetlabs/puppet/csr_attributes.yaml > Info: Creating a new SSL certificate request for pro-front-xxxx.xxx > Info: Certificate Request fingerprint (SHA256): > FD:FC:6F:D0:39:3B:78:24:2B:B9:5D:82:6E:E8:58:0B:37:63:AD:89:6F:D9:34:15:E6:D9:42:7F:AB:E5:EF:3BESC[0m > Info: Caching certificate for pro-front-xxxx.xxx > Info: Caching certificate for pro-frontend-xxxxx.xxx > Info: Using configured environment 'pro' > Info: Retrieving pluginfacts > Info: Retrieving plugin > > It's happening a few times, but it's annoying because when it occurs is > while launching several nodes to form a new cluster, so the cluster is > never formed until this "puppet not signed host" is not signed manually. > Can anyone give me some light about this, please? Specially, this line in > the "not working" node is concerning me: > > Error: Could not request certificate: Error 500 on SERVER: Internal Server > Error: java.lang.NumberFormatException: For input string: "" > Can you look at the log for the server (on the server at /var/log/puppetlabs/puppetserver/puppetserver.log) and post that. I would expect a stacktrace at the time the 500 happened pointing out the culprit in the code. The agent might be requesting a certificate with invalid values, or a bug in Puppet Server. My total wag would be that there's an issue with your serial file being zeroed out (its just a place, off the top of my head, where we read in a string and cast it to a number that could flap like you've described). - Justin > > Thanks in advance! > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/CAKYJm92S6m8-ahS93X6%3DELA_a%3DgBbMxNjdKS%2BVW%2BdAy8QpdtkA%40mail.gmail.com > <https://groups.google.com/d/msgid/puppet-users/CAKYJm92S6m8-ahS93X6%3DELA_a%3DgBbMxNjdKS%2BVW%2BdAy8QpdtkA%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CA%2B%3DBEqXSr%3Drk5_7ctgAdpPapZkYZzHfceR0zDGTnRO7_KYzrMQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
