Hi all,
I've got foreman installed on host host1.com and am trying to use
foreman-proxy to retrieve information from the puppet master running on
host2.com (.com's are examples).
Foreman is happily retrieving reports from the puppet runs on host2, but
when I try and setup the proxy and then import classes or environments, I
get the following error in Foreman:
ERF12-2749 [ProxyAPI::ProxyException]: Unable to get environments from
Puppet ([RestClient::NotAcceptable]: 406 Not Acceptable) for proxy
https://host2.com
Checking the proxy error log, I see the following error:
E, [2015-10-28T13:30:03.665340 #31215] ERROR – : Failed to list puppet
environments: SSL_connect returned=1 errno=0 state=SSLv3 read server
certificate B: certificate verify failed
nn.nn.nn.nn - - [28/Oct/2015 13:30:03] "GET /puppet/environments HTTP/1.1"
406 131 0.3124
My /etc/foreman-proxy/settings.yml is (after stripping out the commented
lines) :
···
--- :settings_directory: /etc/foreman-proxy/settings.d :ssl_ca_file: "/var/lib/puppet/ssl/certs/ca.pem" :ssl_certificate: "/var/lib/puppet/ssl/certs/host2.com.pem" :ssl_private_key: "/var/lib/puppet/ssl/private_keys/host2.com.pem" :trusted_hosts: - host1.com :foreman_url: https://host1.com :daemon: true :https_port: 8443 :virsh_network: default :log_level: DEBUGand /etc/foreman-proxy/settings.d/puppet.yml is :
:enabled: https
:customrun_cmd: /bin/false
:customrun_args: -ay -f -s
:puppet_conf: /etc/puppet/puppet.conf
:puppetssh_command: /usr/bin/puppet agent --onetime --no-usecacheonfailure
:puppetssh_wait: false
:puppet_url: https://host2.com:8140
:ssl_ca_file: “/var/lib/puppet/ssl/certs/ca.pem”
:ssl_certificate: “/var/lib/puppet/ssl/certs/host2.com.pem”
:ssl_private_key: “/var/lib/puppet/ssl/private_keys/host2.com.pem”
Can anyone see anything obviously wrong or suggest what needs to be changed
to get this working?
Thanks,
Simon