我目前在更新 Puppet 证书后遇到了问题。我对客户端 SSL 文件夹进行了干净的备份,并执行了puppet agent ‑t.
谁能帮我?
这是代码。
[root@pupcltlp0001 AEST /etc/puppetlabs/puppet]# puppet agent -t
Info: Creating a new SSL key for pupcltlp0001.dt.network
Info: csr_attributes file loading from /etc/puppetlabs/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for pupcltlp0001.dt.network
Info: Certificate Request fingerprint (SHA256): FE:E8:C5:3C:11:84:82:CF:99:B6:52:C8:C3:1A:C1:DC:5E:6D:CD:F0:61:EB:86:F2:59:05:00:CB:34:83:C3:AA
Info: Caching certificate for pupcltlp0001.dt.network
Error: request https://pupet-master.dt.network:8140//puppet-ca/v1/certificate_revocation_list/ca failed: SSL_connect returned=1 errno=0 state=error: certificate verify failed
Error: Could not request certificate: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get issuer certificate for /CN=Puppet CA: pupet-master.dt.network]
Exiting; failed to retrieve certificate and waitforcert is disabled
[root@pupcltlp0001 AEST /etc/puppetlabs/puppet]# puppet agent -t
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=pupet-master.dt.network]
Info: Retrieving pluginfacts
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': Failed to open TCP connection to pupet-master.dt.network:8140 (No route to host - connect(2) for "pupet-master.dt.network" port 8140)
Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=pupet-master.dt.network]
Info: Retrieving plugin
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=vlxpup5lp01.dt.network]
Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=pupet-master.dt.network]
Info: Loading facts
Error: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [unable to get local issuer certificate for /CN=pupet-master.dt.network]
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
You have new mail in /var/spool/mail/root
[root@pupcltlp0001 AEST /etc/puppetlabs/puppet]# puppet --version
5.5.22