Thank you, Dirk Heinrichs. Sorry for my late reply.
The server is serveur-test.domain.fr I tested what you told me. 1 - On the Windows client server (serveur-test.domain.fr) I deleted the directory : C:\ProgramData\PuppetLabs\puppet\etc\ssl 2 - On the puppet server I cleanup certificate # puppetserver ca clean --certname serveur-test.domain.fr Certificate for serveur-test.domain.fr has been revoked Cleaned files related to serveur-test.domain.fr 3 - On the client server windows I launch "puppet agent -t " The certificate is created but then I get an error C:\Users\Administrateur>puppet agent -t Info: Creating a new SSL key for serveur-test.domain.fr Info: Caching certificate for ca Info: csr_attributes file loading from C:/ProgramData/PuppetLabs/puppet/etc/csr_attributes.yaml Info: Creating a new SSL certificate request for serveur-test.domain.fr Info: Certificate Request fingerprint (SHA256): 61:5F:8C:E0:97:17:FA:B7:41:2F:96:C9:EB:F3:71:65:E7:B8:09:C0:27:BB:EA:6A:39:92:D6:68:67:94:AC:12 Info: Caching certificate for serveur-test.domain.fr Error: request https://puppet.domain.fr:8140//puppet-ca/v1/certificate_revocation_list/ca failed: SSL_connect returned=1 errno=0 state=error: certificate verify failed Error: Could not request certificate: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get issuer certificate for /CN=Puppet CA: puppet.domain.fr] Exiting; failed to retrieve certificate and waitforcert is disabled 4 - On the puppet server I check the presence of the certificate The certificate is signed # puppetserver ca list -a |grep test serveur-test.domain.fr (SHA256) 66:3E:3E:EE:EA:79:AF:0D:E4:46:9D:29:C9:68:F8:17:4E:EE:8E:FF:41:A5:85:03:1A:D0:77:1E:31:32:B5:A5 alt names: ["DNS: serveur-test.domain.fr"] I don't understand this certificate error: error : certificate verify failed Regards Stan Le mardi 22 avril 2025 à 07:50:29 UTC+2, [email protected] a écrit : > Am Freitag, dem 18.04.2025 um 08:23 -0700 schrieb puppetstan: > > I've made some progress on this. The client server (test-server.domain.fr) > is successfully registered on the Puppet master server. > > 1 - On the Puppet master server (puppet.domain.fr) : > > # puppetserver ca list -a | grep serveur-test.domain.fr > serveur-test.domain.fr (SHA256) > > 9A:98:B4:54:16:8C:32:C4:24:4E:78:39:05:32:1B:08:AF:B2:D1:73:96:3E:25:43:05:5E:EC:FA:08:12:3D:B4 > > alt names: ["DNS:serveur-test.domain.fr"] > > > Errh, is it "test-server", or "serveur-test"? > > Anyway, try to remove the certificate from both Puppet server and agent, > then run the agent again, so that it creates a new certificate (which you > need to sign again, unless you have autosigning enabled and configured for " > domain.fr". > > HTH... > > Dirk > > -- > > Dirk Heinrichs > Senior Systems Engineer, Delivery Pipeline > OpenText ™ Discovery | Recommind > Phone: +49 2226 15966 18 <+49%202226%201596618> > Email: [email protected] > Website: www.recommind.de > Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach > Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu > Ranganathan, Christian Waida, Registergericht Amtsgericht Bonn, > Registernummer HRB 10646 > This e-mail may contain confidential and/or privileged information. If > you are not the intended recipient (or have received this e-mail in > error) please notify the sender immediately and destroy this e-mail. > Any unauthorized copying, disclosure or distribution of the material in > this e-mail is strictly forbidden > Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte > Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E- > Mail irrtümlich erhalten haben, informieren Sie bitte sofort den > Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie > die unbefugte Weitergabe dieser Mail sind nicht gestattet. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/puppet-users/e452624e-c741-463b-be57-9af4671fc32fn%40googlegroups.com.
