Use custom SSL certificate

Leo · October 17, 2018, 4:22pm

We created the new keys and certificates.
After replacing the files in /var/lib/puppet/ssl/private_keys/server.pem and /var/lib/puppet/ssl/certs/server.pem

The web interface is fine.

However, the node.rb failed with the error:
SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert unsupported certificate

Can anyone help? Thanks.

tbrisker · October 18, 2018, 7:31am

Please take a look at Foreman :: Manual to make sure you didn’t miss any settings.

m4c3 · October 19, 2018, 8:33am

had the same issue: the ssl cert needs to support client authentication

ekohl · October 19, 2018, 9:41am

Have a look at

Leo · October 19, 2018, 3:45pm

Thanks guys.
m4c3 is right.
Found that when I create the csr, I need to put “extendedKeyUsage = serverAuth, clientAuth” to make node.rb works.