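Puppet: Did not receive certificate

Time: 2019-04-14 18:28:46

Tags: ssl puppet

I have a minimal, default Puppet master/slave configuration on a recent version (6) of Puppet, which I am trying to bring up in a VirtualBox VM for a prototype. However, the agent does not seem to be able to connect to the master properly.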

10.0.2.2 - - [14/Apr/2019:18:22:14 +0000] "GET /production/certificate/localhost? HTTP/1.1" 404 36 "-" "Ruby" 3
10.0.2.2 - - [14/Apr/2019:18:22:14 +0000] "GET /production/certificate/ca?fail_on_404=true HTTP/1.1" 200 1939 "-" "Ruby" 3
10.0.2.2 - - [14/Apr/2019:18:22:14 +0000] "GET /production/certificate/localhost? HTTP/1.1" 404 36 "-" "Ruby" 2
10.0.2.2 - - [14/Apr/2019:18:22:14 +0000] "GET /production/certificate/localhost? HTTP/1.1" 404 36 "-" "Ruby" 3
10.0.2.2 - - [14/Apr/2019:18:22:14 +0000] "GET /production/certificate/localhost? HTTP/1.1" 404 36 "-" "Ruby" 2

On my master I have only 2 certificates, so clearly the request went through:

 "localhost" (SHA256) 1C:E7:D0:FF:35:A3:5B:CA:37:02:13:CC:75:20:B5:54:42:BA:AA:C9:61:9D:02:22:B3:28:E3:C3:4D:FE:5F:CC
  "slave1"    (SHA256) 35:A8:C5:E8:8A:1D:58:F6:DA:EC:8A:4D:9F:30:53:3E:F8:A1:01:27:F4:D7:62:5F:82:1C:E0:6B:37:82:A8:A2

My agent is able to connect to the master just fine; however, it never seems to get a healthy certificate:

Nothing to do
waiting to run puppet....
Info: Creating a new SSL key for localhost
Info: Caching certificate for ca
Info: csr_attributes file loading from /etc/puppet/csr_attributes.yaml
Info: Creating a new SSL certificate request for localhost
Info: Certificate Request fingerprint (SHA256): 1C:E7:D0:FF:35:A3:5B:CA:37:02:13:CC:75:20:B5:54:42:BA:AA:C9:61:9D:02:22:B3:28:E3:C3:4D:FE:5F:CC
Info: Caching certificate for ca

Notice: Did not receive certificate
Notice: Did not receive certificate

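How can I determine why these 404 errors are occurring?

2 answers:

Answer 0: (score: 1)

As mentioned above, you have to sign the certificate. For Puppet version 6 that would be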

puppetserver ca sign --certname slave1

For Puppet versions < 6

puppet cert sign slave1

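Answer 1: (score: 0)

It turns out I had not signed the request.

To do this, you just use puppet cert list and then puppet cert sign to handle the outstanding requests. At that point the server will be able to serve the certificate, and the agent can then download and use it locally.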
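
An added example, not part of the question or either answer: the shell functions below pull the certnames that keep getting 404 on the certificate endpoint out of an access log, and compare the CSR fingerprint the agent printed with the one the master lists before anything is signed. The function names and the shortened sample data are assumptions made for illustration; the log and listing formats are the ones shown in the question.

```shell
#!/bin/sh
# Added example. All sample data is constructed, in the shape of the log lines
# and listing shown in the question (fingerprints shortened).
ACCESS_LOG='10.0.2.2 - - [14/Apr/2019:18:22:14 +0000] "GET /production/certificate/localhost? HTTP/1.1" 404 36 "-" "Ruby" 3
10.0.2.2 - - [14/Apr/2019:18:22:14 +0000] "GET /production/certificate/ca?fail_on_404=true HTTP/1.1" 200 1939 "-" "Ruby" 3
10.0.2.2 - - [14/Apr/2019:18:22:15 +0000] "GET /production/certificate/localhost? HTTP/1.1" 404 36 "-" "Ruby" 2'
AGENT_LOG='Info: Creating a new SSL certificate request for localhost
Info: Certificate Request fingerprint (SHA256): 1C:E7:D0:FF
Notice: Did not receive certificate'
CA_LISTING='  "localhost" (SHA256) 1C:E7:D0:FF
  "slave1"    (SHA256) 35:A8:C5:E8'

# Certnames whose certificate fetch returned 404, with hit counts (stdin: access log).
unsigned_certnames() {
    awk '$9 == 404 {
        n = split($7, p, "/")            # "", env, "certificate", "name?query"
        if (n == 4 && p[3] == "certificate") { sub(/\?.*/, "", p[4]); hits[p[4]]++ }
    }
    END { for (c in hits) print c, hits[c] }' | sort
}

# Fingerprint the agent printed for its own CSR (stdin: agent output).
agent_csr_fingerprint() {
    awk -F': ' '/Certificate Request fingerprint/ { print $NF; exit }'
}

# Fingerprint the master lists for certname $1 (stdin: listing, quotes optional).
listed_fingerprint() {
    awk -v want="$1" '{ name = $1; gsub(/"/, "", name) } name == want { print $3; exit }'
}

# Succeeds only when the master holds a request for $1 whose fingerprint is $2.
csr_matches() {
    listed=$(listed_fingerprint "$1")
    [ -n "$listed" ] && [ "$listed" = "$2" ]
}

check_pending() {   # $1 = certname; prints a verdict for the operator
    fp=$(printf '%s\n' "$AGENT_LOG" | agent_csr_fingerprint)
    if printf '%s\n' "$CA_LISTING" | csr_matches "$1" "$fp"; then
        echo "match: $1 $fp"
    else
        echo "MISMATCH: do not sign $1"
    fi
}

printf '%s\n' "$ACCESS_LOG" | unsigned_certnames
check_pending localhost
```

On a real master, feed the functions the server's access log and the output of the listing command in place of the constructed variables, and sign only a certname whose fingerprints match.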