Puppet: Server hostname did not match server certificate
Solution 1
There are a variety of causes for this problem, Please list your puppet.conf.
But from top, it looks like some mismatch between the name in the certificate generated by the master and the host name of the server. Perhaps between when you generated the certificate and rebooted, the hostname had been changed, as hostname changes sometimes do not take affect until after a reboot.
puppetlabs Offical documentaion helps to resolve this issue, please follow this link: https://docs.puppetlabs.com/guides/troubleshooting.html?_ga=1.110966791.343491524.1432986084#agents-are-failing-with-a-hostname-was-not-match-with-the-server-certificate-error-whats-wrong. It may be as simple as setting the certname value in /etc/puppet/conf and restarting the master.
Solution 2
Instead of issuing --server
on the command line, just add add server=...
in the [main]
section of the agent's puppet.conf
file.
Robert
A smart man makes a mistake, learns from it, and never makes that mistake again. But a wise man finds a smart man and learns from him how to avoid the mistake altogether. SOreadytohelp
Updated on June 04, 2022Comments
-
Robert almost 2 years
I installed Puppet Enterprise on two virtual machines (one master and one node). When I try to run my agent manually with puppet agent -t i get the error
Server hostname '192.168....' did not match server certificate; expected one of host-192-168-.....localdomain.
If i run this by adding
--server host-192-168.....localdomain
it works, but this way i can do this manually and after its ownrunInterval
it doesn't work so on my puppet console it says it is Unresponsive. I guess this is because on its own it gets the error i mentioned earlier so my master can't receive any reports from this node.Can someone please help me with this? How can i make so my node's agent is contacting the master with the proper server certificate name?
puppet.conf from node:
[main] vardir = ... logdir = ... rundir = ... basemodulepath = ... user = ... group = ... archive_files = ... [agent] report = ... classfile = ... localconfig = ... graph = ... pluginsync = ... environment = ... server = 192.168.10.39 certname = 192.168.10.40 noop = true runinterval = 1800
If i put server = host-... (in main) nothing changes. I think I can't change the server from [agent] part, because there should be the master ip (i believe) ...
I tried what was on that link and now my puppet agent -t doesn't do anything anymore on my node. For better understandig, i'm posting my puppet.conf from master:
[main] certname = host-192-168-10-39.localdomain vardir = /var/opt/lib/pe-puppet logdir = /var/log/pe-puppet rundir = /var/run/pe-puppet basemodulepath = /opt/alu/deploy/puppet/modules:/etc/puppetlabs/puppet.... environmentpath = /opt/alu/deploy/puppet/environments server = 192.168.10.39 user = pe-puppet group = pe-puppet archive_files = true archive_files_server = 192.168.10.39 module_groups = base+pe_only dns_alt_names = puppet [agent] report = true classfile = $vardir/classes.txt localconfig = $vardir/localconfig graph = true pluginsync = true environment = production noop = true runinterval = 1800 [master] node_terminus = classfier ca_server = host-192-168-10-39.localdomain reports = console,puppetdb storeconfigs = true storeconfigs_backend = puppetdb certname = 192-168-10-39.localdomain server = 192.168.10.39 always_cache_features = true default_manifest = /opt/alu/deploy/puppet/manifests/default.pp
Error from puppet agent -t : http://i62.tinypic.com/34ijlmu.png