Puppet - clearing invalid certificates

1. On the client, stop puppet
2. On the master: puppetca --clean hostname.domain.com (puppetca --list --all will list all certs)
3. On client: rm -rf /var/lib/puppet
4. On client: start puppet  

Other debugging tips:

  • start agent in debug node: puppet agent –server puppet –no-daemonize –debug
  • Check puppet configuration: puppet –configprint all
  • Check firewall restrictions, from agent server: telnet puppet 8140
  • Check agent and server can resolve each other, e.g. from puppet master, getent hosts agent-server.example.com . Add to /etc/hosts if they can't

Recent Changes