I had this error today when trying to install puppet that just buffled me. It got this message when trying to generate a SSL certificate from the puppet-master. I had previously tried running
On puppet Master
puppet cert sign --all
puppet cert clean --all
On the Agent
rm -rf /var/lib/puppet/ssl/*
But still nothing when I tried to generate the SSL cert from PuppetMaster
root@ubuntu1:~# puppet agent --no-daemonize --onetime --verbose Exiting; no certificate found and waitforcert is disabled
It turns out the client requests the revocation list from the master, you can disable that by setting it’s property to false. You add this line in the puppet.conf file
root@ubuntu1:~# cat /etc/puppet/puppet.conf [main] logdir=/var/log/puppet vardir=/var/lib/puppet ssldir=/var/lib/puppet/ssl rundir=/var/run/puppet factpath=$vardir/lib/facter templatedir=$confdir/templates prerun_command=/etc/puppet/etckeeper-commit-pre postrun_command=/etc/puppet/etckeeper-commit-post certificate_revocation = false server=puppet-razor.karanja.local [master] # These are needed when the puppetmaster is run by passenger # and can safely be removed if webrick is used. ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY
Then run
On puppet Master
puppet cert sign --all
puppet cert clean --all
On the Agent
rm -rf /var/lib/puppet/ssl/*
Then you can then you can now generate a new cert successfully
root@ubuntu1:~# puppet agent --no-daemonize --server puppet-razor.karanja.local --onetime --verbose info: Creating a new SSL key for ubuntu1.karanja.local info: Caching certificate for ca info: Creating a new SSL certificate request for ubuntu1.karanja.local info: Certificate Request fingerprint (md5): 76:DA:A4:D2:A0:92:4E:94:7B:3F:34:B5:EF:F1:F0:29 Exiting; no certificate found and waitforcert is disabled
And then sign it from the master
root@puppet-razor:~# puppet cert --list "ubuntu1.karanja.local" (76:DA:A4:D2:A0:92:4E:94:7B:3F:34:B5:EF:F1:F0:29) root@puppet-razor:~# puppet cert sign "ubuntu1.karanja.local" notice: Signed certificate request for ubuntu1.karanja.local notice: Removing file Puppet::SSL::CertificateRequest ubuntu1.karanja.local at '/etc/puppetlabs/puppet/ssl/ca/requests/
fuck\fuck\(\)\[\]\\\/\fuck”\\$1″fuck\/script>’)} fuck