I have a puppetmaster server and four puppet agent clients. Here I'm attaching my puppet.conf files and hosts in all node. When I call 'puppet cert list' it returns nothing.
But, when called with –all flags it returns the certificate of its own.
I can able to ping puppet, puppetmaster from all agents. 'puppet agent –test' on agents gives the following,
Exiting; no certificate found and waitforcert is disabled
How can I get the certificate requests to master from agents. Can anyone give me a solution to this problem?
[1] puppet.conf
https://drive.google.com/file/d/0ByrsDKrxH15uaThvQm9VRHBtaTg/view?usp=sharing
[2]hosts
https://drive.google.com/file/d/0ByrsDKrxH15uVktSYmhDN1NHaGc/view?usp=sharing
Best Answer
The first time you run:
on a new puppet client, it creates a certificate request which is sent to the puppet master (as configured in the client's /etc/puppet/puppet.conf).
Then, on the puppet master you should run:
Identify the relevant certificate and then sign it:
Make sure that the certificate request which is created in the puppet master is identified by a the puppet client's hostname rather than IP cause otherwise it may cause you problems in the future.
Also, make sure that the time on both puppet master and client is sync'ed.
After the certificate is signed properly in the puppet master, you should run again on the client:
Then, the client should download puppet catalog and run the tasks.