I'm trying to install Foreman 1.11 on a fresh install of Ubuntu server
14.04 on a Qemu/kvm virtual machine. I followed the instructions in the
manual, including editing /etc/hosts so that the FQDN points to the IP
address. When I run foreman-installer, I get:
Installing Notice: /Stage[main]/Puppet::Server::Config/Exec[p
[99%] /usr/bin/puppet cert --generate [FQDN here] returned 23 instead of
one of [0]
The installer log shows:
[ WARN 2016-05-03 10:37:39 main]
/Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns:
Error: The certificate retrieved from the master does not match the agent's
private key.
Any ideas?
thanks,
Steve Gaarder
The agent might already be configured to use another Puppet master, and
may even have contacted one itself if it's available on the local
network (it's usually preconfigured to resolve the name 'puppet').
You may want to stop the agent, move /var/lib/puppet/ssl, then run the
generate command yourself before re-running the installer. You may need
to restart apache2 and foreman-proxy to ensure the new certificate is
picked up.
···
On 03/05/16 15:44, Steve Gaarder wrote:
> I'm trying to install Foreman 1.11 on a fresh install of Ubuntu server
> 14.04 on a Qemu/kvm virtual machine. I followed the instructions in the
> manual, including editing /etc/hosts so that the FQDN points to the IP
> address. When I run foreman-installer, I get:
>
> Installing Notice:
> /Stage[main]/Puppet::Server::Config/Exec[p [99%] /usr/bin/puppet cert
> --generate [FQDN here] returned 23 instead of one of [0]
>
> The installer log shows:
>
> [ WARN 2016-05-03 10:37:39 main]
> /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns:
> Error: The certificate retrieved from the master does not match the
> agent's private key.
–
Dominic Cleal
dominic@cleal.org
That was it. I do have another Puppet master under the name "puppet". I
modified the firewall on that machine to block connections from the Foreman
machine, and the install went fine.
thanks,
Steve
···
On Wednesday, May 4, 2016 at 5:04:12 AM UTC-4, Dominic Cleal wrote:
>
> On 03/05/16 15:44, Steve Gaarder wrote:
> > I'm trying to install Foreman 1.11 on a fresh install of Ubuntu server
> > 14.04 on a Qemu/kvm virtual machine. I followed the instructions in the
> > manual, including editing /etc/hosts so that the FQDN points to the IP
> > address. When I run foreman-installer, I get:
> >
> > Installing Notice:
> > /Stage[main]/Puppet::Server::Config/Exec[p [99%] /usr/bin/puppet cert
> > --generate [FQDN here] returned 23 instead of one of [0]
> >
> > The installer log shows:
> >
> > [ WARN 2016-05-03 10:37:39 main]
> >
> /Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns:
>
> > Error: The certificate retrieved from the master does not match the
> > agent's private key.
>
> The agent might already be configured to use another Puppet master, and
> may even have contacted one itself if it's available on the local
> network (it's usually preconfigured to resolve the name 'puppet').
>
> You may want to stop the agent, move /var/lib/puppet/ssl, then run the
> generate command yourself before re-running the installer. You may need
> to restart apache2 and foreman-proxy to ensure the new certificate is
> picked up.
>
> --
> Dominic Cleal
> dom...@cleal.org
>
