Puppet: Server hostname did not match server certificate

11,298

Solution 1

There are a variety of causes for this problem, Please list your puppet.conf.

But from top, it looks like some mismatch between the name in the certificate generated by the master and the host name of the server. Perhaps between when you generated the certificate and rebooted, the hostname had been changed, as hostname changes sometimes do not take affect until after a reboot.

puppetlabs Offical documentaion helps to resolve this issue, please follow this link: https://docs.puppetlabs.com/guides/troubleshooting.html?_ga=1.110966791.343491524.1432986084#agents-are-failing-with-a-hostname-was-not-match-with-the-server-certificate-error-whats-wrong. It may be as simple as setting the certname value in /etc/puppet/conf and restarting the master.

Solution 2

Instead of issuing --server on the command line, just add add server=... in the [main] section of the agent's puppet.conf file.

Share:
11,298
Robert
Author by

Robert

A smart man makes a mistake, learns from it, and never makes that mistake again. But a wise man finds a smart man and learns from him how to avoid the mistake altogether. SOreadytohelp

Updated on June 04, 2022

Comments

  • Robert
    Robert almost 2 years

    I installed Puppet Enterprise on two virtual machines (one master and one node). When I try to run my agent manually with puppet agent -t i get the error

    Server hostname '192.168....' did not match server certificate; expected one of host-192-168-.....localdomain. 
    

    If i run this by adding --server host-192-168.....localdomain it works, but this way i can do this manually and after its own runInterval it doesn't work so on my puppet console it says it is Unresponsive. I guess this is because on its own it gets the error i mentioned earlier so my master can't receive any reports from this node.

    Can someone please help me with this? How can i make so my node's agent is contacting the master with the proper server certificate name?

    puppet.conf from node:

    [main]
    
    vardir = ...
    logdir = ...
    rundir = ...
    basemodulepath = ...
    user = ...
    group = ...
    archive_files = ...
    
    [agent]
    
    report = ...
    classfile = ...
    localconfig = ...
    graph = ...
    pluginsync = ...
    environment = ...
    server = 192.168.10.39
    certname = 192.168.10.40
    noop = true
    runinterval = 1800
    

    If i put server = host-... (in main) nothing changes. I think I can't change the server from [agent] part, because there should be the master ip (i believe) ...

    I tried what was on that link and now my puppet agent -t doesn't do anything anymore on my node. For better understandig, i'm posting my puppet.conf from master:

    [main]
    
    certname = host-192-168-10-39.localdomain
    vardir = /var/opt/lib/pe-puppet
    logdir = /var/log/pe-puppet
    rundir = /var/run/pe-puppet
    basemodulepath = /opt/alu/deploy/puppet/modules:/etc/puppetlabs/puppet....
    environmentpath = /opt/alu/deploy/puppet/environments
    server = 192.168.10.39
    user = pe-puppet
    group = pe-puppet
    archive_files = true
    archive_files_server = 192.168.10.39
    module_groups = base+pe_only
    dns_alt_names = puppet
    
    [agent]
    
    report = true
    classfile = $vardir/classes.txt
    localconfig = $vardir/localconfig
    graph = true
    pluginsync = true
    environment = production
    noop = true
    runinterval = 1800
    
    [master]
    
    node_terminus = classfier
    ca_server = host-192-168-10-39.localdomain
    reports = console,puppetdb
    storeconfigs = true
    storeconfigs_backend = puppetdb
    certname = 192-168-10-39.localdomain
    server = 192.168.10.39
    always_cache_features = true
    default_manifest = /opt/alu/deploy/puppet/manifests/default.pp
    

    Error from puppet agent -t : http://i62.tinypic.com/34ijlmu.png