Problem:
hello. When trying to deploy puppet modules with the command below
foreman-installer --foreman-proxy-puppet true \
--foreman-proxy-puppetca true \
--foreman-proxy-content-puppet true \
--enable-puppet \
--puppet-server true \
--puppet-server-foreman-ssl-ca /etc/pki/katello/puppet/puppet_client_ca.crt \
--puppet-server-foreman-ssl-cert /etc/pki/katello/puppet/puppet_client.crt \
--puppet-server-foreman-ssl-key /etc/pki/katello/puppet/puppet_client.key \
--puppet-server-foreman-url "https://host.domain.ru"
I get an error
2022-12-06 15:30:52 [NOTICE] [configure] 1750 configuration steps out of 1809 steps complete.
2022-12-06 15:30:56 [ERROR ] [configure] Proxy host.domain.ru has failed to load one or more features (Puppet), check /var/log/foreman-proxy/proxy.log for configuration errors
2022-12-06 15:30:56 [ERROR ] [configure] /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[host.domain.ru]/features: change from ["Logs", "Pulpcore"] to ["Logs", "Pulpcore", "Puppet", "Puppet CA"] failed: Proxy host.domain.ru has failed to load one or more features (Puppet), check /var/log/foreman-proxy/proxy.log for configuration errors
2022-12-06 15:30:57 [ERROR ] [configure] /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[host.domain.ru]: Failed to call refresh: Proxy host.domain.ru has failed to load one or more features (Puppet), check /var/log/foreman-proxy/proxy.log for configuration errors
2022-12-06 15:30:57 [ERROR ] [configure] /Stage[main]/Foreman_proxy::Register/Foreman_smartproxy[host.domain.ru]: Proxy host.domain.ru has failed to load one or more features (Puppet), check /var/log/foreman-proxy/proxy.log for configuration errors
2022-12-06 15:31:00 [NOTICE] [configure] System configuration has finished.
in proxy.log I see an enumeration of certificates, there are no errors. At the very bottom I see
2022-12-06T15:30:53 [I] WEBrick::HTTPServer#start: pid=13722 port=9090
2022-12-06T15:30:53 [I] Smart proxy has launched on 1 socket(s), waiting for requests
2022-12-06T15:30:55 dad0aa65 [I] Started GET /v2/features
2022-12-06T15:30:55 dad0aa65 [I] Finished GET /v2/features with 200 (390.86 ms)
2022-12-06T15:30:55 dad0aa65 [I] Started GET /v2/features
2022-12-06T15:30:56 dad0aa65 [I] Finished GET /v2/features with 200 (348.65 ms)
2022-12-06T15:30:56 86caf614 [I] Started GET /v2/features
2022-12-06T15:30:56 86caf614 [I] Finished GET /v2/features with 200 (351.38 ms)
2022-12-06T15:30:56 86caf614 [I] Started GET /v2/features
2022-12-06T15:30:57 86caf614 [I] Finished GET /v2/features with 200 (399.09 ms)
to be honest, only such an entry in one of the certificates is confusing in the log file
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment
if you look in /etc/pki/katello/puppet/, you can see there that the puppet certificate is signed by the same CA as the katello certificate (when installing the foreman server, I immediately configured https by issuing a self-signed certificate).
Expected outcome:
puppetserver its worked
Foreman and Proxy versions:
3.4
Foreman and Proxy plugin versions:
3.4.0
Distribution and version:
puppetserver7
Other relevant data: