ruby - Puppet 4.3.2 客户端节点无法通过 SSL 连接到 Puppet 服务器

Question

我刚刚根据 the guide in the official docs 对我所有的 Puppet 认证进行了干净的再生.

但是，我在 Google、SO 或其他任何地方似乎都没有好的线索时遇到了这个错误。

[vagrant@client puppet]$ hostname
client.example.com

[vagrant@client puppet]$ puppet --version
4.3.2

[vagrant@client puppet]$ sudo puppet config print vardir ssldir
vardir = /var/opt/puppetlabs/puppetserver
ssldir = /var/opt/puppetlabs/puppetserver/ssl

[vagrant@client puppet]$ sudo puppet agent --test --server=puppet.example.com
Warning: Unable to fetch my node definition, but the agent run will continue:
Warning: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Info: Retrieving pluginfacts
Error: /File[/var/opt/puppetlabs/puppetserver/facts.d]: Failed to generate additional resources using 'eval_generate': Connection reset by peer - SSL_connect
Error: /File[/var/opt/puppetlabs/puppetserver/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Info: Retrieving plugin
Error: /File[/var/opt/puppetlabs/puppetserver/lib]: Failed to generate additional resources using 'eval_generate': SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Error: /File[/var/opt/puppetlabs/puppetserver/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Error: Could not retrieve catalog from remote server: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
Error: Could not send report: SSL_connect SYSCALL returned=5 errno=0 state=unknown state

这is a similar error ，但对于 Ruby 中的一般 SSL，我不确定如何更改 Puppet 的密码(不要认为它已启用)。

This post seems to suggest it may be Apache's fault ，但我认为我没有使用 Apache。

有什么想法吗？

Answer 1

我遇到了同样的问题。

使用以下命令检查代理上的 ssl 目录:

sudo puppet config print ssldir

您的 ssl 目录可能不在/etc/puppetlabs/puppet/ssl 中，但可能在/opt/puppetlabs 下。从此目录中删除您的证书(或整个目录)，然后执行另一个 puppet 运行。