I have a Puppetmaster server A and a server B that is a Puppet client of A. I would like to setup server B to be a Puppetmaster itself and make server C be a Puppet client of server B. (Note: all servers are Debian squeeze.)
PM A <------ PM B <------ C
client client
I tried, but when I try to start puppetmaster on server B I get this error:
Could not prepare for execution: The certificate retrieved from the
master does not match the agent's private key.
Is this sort of chaining possible? If so, how?
Best Answer
In /etc/puppet.conf you need to specify the certs for server B as a server, and for server B as a client.
When starting puppetmasterd on serverB
To create the client cert:
then conf file