Puppet master certificate expired after 5y
i know how to regenerate certificates for puppet alone, how to do it when integrated with foreman
Problem:
Expected outcome:
Foreman and Proxy versions:
Foreman and Proxy plugin versions:
Distribution and version:
Other relevant data:
puppet agent -t
Info: Not using expired certificate for ca from cache; expired at Tue Apr 07 23:15:43 UTC 2020
Info: Not using expired certificate for ca from cache; expired at Tue Apr 07 23:15:43 UTC 2020
Info: Not using expired certificate for ca from cache; expired at Tue Apr 07 23:15:43 UTC 2020
Error: Could not request certificate: stack level too deep
Exiting; failed to retrieve certificate and waitforcert is disabled
Foreman just uses the files so you can just use the Puppet tooling. However, since the versions you’re using are so old I don’t recall any specifics.
Steps i followed to renew the puppet certs
master:
rm -rf /var/lib/puppet/ssl/
puppet master --no-daemonize --verbose
restart the puppet and httpd service
after that im able to add new client server to puppet but foreman UI is not coming up
any help?
Without errors there’s no telling why it doesn’t come up.
Foreman 1.12 has been EOL for several years by now. The currently supported versions are 1.24 and 2.0. It is very unlikely many people have a working 1.12 environment and can assist you with the exact commands needed to fix this issue. I would highly recommend upgrading to newer supported versions (btw, puppet 3 is also long EOL by now).
any luck in this if this is sorted we are also facing the same issue…
seems like there is no process so far to renew the expired certs for CA/foreman