stackoom
  简体   繁体   中英

how did puppet agent add a domain postfix to server?

 原文  2021-10-25 03:38:48       puppet/ suse

Question

I'm new to puppet. I installed a VM with hostname puppet-mst and installed puppetserver 7 on it. Then I'm trying to sign itself. But to my surprise -- the puppet agent is trying to sign on puppet-mst.suse not puppet-mst. And even I added the item "puppet-mst.suse" to /etc/hosts, it still raises error as "Server hostname 'puppet-mst' did not match server certificate; expected one of puppet-mst.suse, DNS:puppet, DNS:puppet-mst.suse" --

puppet-mst:/etc/puppetlabs/puppet # cat /etc/hosts
127.0.0.1       localhost
192.168.160.131 puppet-mst puppet-mst.suse
puppet-mst:/etc/puppetlabs/puppet # hostname -f
puppet-mst
puppet-mst:/etc/puppetlabs/puppet # hostname
puppet-mst


puppet-mst:/etc/puppetlabs/puppet # cat puppet.conf
[main]
certname = puppet-mst
server = puppet-mst
# This file can be used to override the default puppet settings.
# See the following links for more details on what settings are available:
# - https://puppet.com/docs/puppet/latest/config_important_settings.html
# - https://puppet.com/docs/puppet/latest/config_about_settings.html
# - https://puppet.com/docs/puppet/latest/config_file_main.html
# - https://puppet.com/docs/puppet/latest/configuration.html
[server]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code


puppet-mst:/etc/puppetlabs/puppet # puppet agent --test --verbose
Info: Creating a new RSA SSL key for puppet-mst
Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for puppet-mst
Info: Certificate Request fingerprint (SHA256): 03:C4:E0:86:30:11:E8:4E:36:1A:52:DC:F7:0D:C2:78:E4:7A:D9:80:76:7E:93:92:19:4B:0C:3E:55:B7:0A:7C
Error: Server hostname 'puppet-mst' did not match server certificate; expected one of puppet-mst.suse, DNS:puppet, DNS:puppet-mst.suse
Error: Could not run: Server hostname 'puppet-mst' did not match server certificate; expected one of puppet-mst.suse, DNS:puppet, DNS:puppet-mst.suse


Does anyone know what's issue? -- I certainly put the item "server=puppet-mst" into the puppet.conf, why it still searching for this unknown site -- puppet-mst.suse? 
Please kind help. Thanks

Regards Eisen

1 answers

solution1
 0  2021-10-28 19:03:47

Update

certname = puppet-mst
server = puppet-mst

to

certname = puppet-mst.suse
server = puppet-mst.suse

And try running puppet agent -t again. If that still doesn't work you may need to regenerate the certificates, the steps to do that are here https://puppet.com/docs/puppet/7/ssl_regenerate_certificates.html As a general rule it's usefull stick to using the servers fqdn rather than the short name. I'm presuming if you run facter fqdn you get back puppet-mst.suse

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to reconfigure postfix with puppet? How do I run a Puppet Manifest on a Windows server with Puppet Agent? How to log puppet agent and master Puppet: Server hostname did not match server certificate Puppet compare ini file between server and agent Agent not reading /etc/sysconfig/puppet server= Install Puppet Agent on bulk windows server Puppet agent can't find server How to use multiple different puppet masters from one puppet agent? How to install puppet agent in a large scale of nodes?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM