我可以在puppet Enterprise Console ::
中看到以下错误 Could not retrieve facts from inventory service: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked
我也遵循了以下步骤::
我在Windows puppet Enterprise客户端上运行了puppet agent -t。
我运行了puppet证书列表并从master签署了客户证书。
我再次运行木偶代理-t但我在控制台上遇到以下错误::
Warning: Unable to fetch my node definition, but the agent run will continue: Warning: SSLconnect returned=1 errno=0 state=SSLv3 read server certificate B: c ertificate verify failed: [certificate revoked for /CN=learn.localdomain] Info: Retrieving plugin Error: /File[C:/ProgramData/PuppetLabs/puppet/var/lib]: Failed to generate addit ional resources using 'evalgenerate': SSLconnect returned=1 errno=0 state=SSLv 3 read server certificate B: certificate verify failed: [certificate revoked for /CN=learn.localdomain] Error: /File[C:/ProgramData/PuppetLabs/puppet/var/lib]: Could not evaluate: SSL connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate ve rify failed: [certificate revoked for /CN=learn.localdomain] Could not retrieve file metadata for puppet://learn.localdomain/plugins: SSLconnect returned=1 err no=0 state=SSLv3 read server certificate B: certificate verify failed: [certific ate revoked for /CN=learn.localdomain] Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/concatba sedir.rb Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/customau thconf.rb Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/facterdo td.rb Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/ip6tables version.rb Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/iptables persistentversion.rb Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/iptables version.rb Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/peversio n.rb Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/postgres defaultversion.rb Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/puppetdb serverstatus.rb Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/puppetva rdir.rb Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/roothome .rb Info: Loading facts in C:/ProgramData/PuppetLabs/puppet/var/lib/facter/windows.r b Error: Could not retrieve catalog from remote server: SSLconnect returned=1 err no=0 state=SSLv3 read server certificate B: certificate verify failed: [certific ate revoked for /CN=learn.localdomain] Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run Error: Could not send report: SSL_connect returned=1 errno=0 state=SSLv3 read se rver certificate B: certificate verify failed: [certificate revoked for /CN=lear n.localdomain]是
答案 0 :(得分:9)
我猜你的证书没有从主人那里删除。
要清理客户端证书,您需要运行以下命令:
puppet cert -c <hostname> rm -rf /var/lib/puppet/ssl(假设您的ssl证书位于此位置)来源:http://inuits.eu/blog/puppet-sslv3-alert-certificate-revoked
希望这有帮助。