Ita*_*not 8 puppet puppetmaster
我正在尝试配置我的 clinet 'Itai-test' 以从称为“puppetmaster”的人偶服务器接收人偶设置。
在我运行的服务器上:
[root@puppetmaster requests]# puppet cert --generate itai-test.domain
Error: A Certificate already exists for itai-test.domain
[root@puppetmaster requests]# puppet cert --sign itai-test.domain
Error: Could not find certificate request for itai-test.domain
[root@puppetmaster requests]#
在我运行的傀儡客户端上:
[root@itai-test temp]# puppet agent --server puppetmaster.domain --waitforcert 60 --test
Notice: Did not receive certificate
Notice: Did not receive certificate
Notice: Did not receive certificate
更多信息:在服务器上:
[root@puppetmaster ~]# puppet cert --revoke Itai-test
Error: Could not find a serial number for itai-test
[root@puppetmaster ~]# puppet cert --revoke itai-test
Error: Could not find a serial number for itai-test
[root@puppetmaster ~]# puppet cert --clean itai-test
Error: Could not find a serial number for itai-test
[root@puppetmaster ~]# puppet cert --list
[root@puppetmaster ~]# puppet cert --sign itai-test
Error: Could not find certificate request for itai-test
[root@puppetmaster ~]#
在客户端:
[root@itai-test ~]# rm -rf /usr/lib/puppet/ssl
[root@itai-test ~]# puppet agent --server puppetmaster.domain --waitforcert 60
[root@itai-test ~]# ping puppetmaster.domain
PING puppetmaster (192.168.X.X) 56(84) bytes of data.
64 bytes from puppetmaster (192.168.X.X): icmp_seq=1 ttl=64 time=0.294 ms
ptm*_*man 12
你的客户知道如何找到服务器吗?
root@client# ping puppet
客户端连接到服务器时将使用什么证书名称?
root@client# puppet config print certname
删除客户端上的 ssl 详细信息
root@client# rm -rf /var/lib/puppet/ssl
删除服务器上客户端的所有痕迹
root@puppet# puppet node clean $client_certname
root@puppet# puppet node deactivate $client_certname