05 Oct 2011

Uggh - "Puppet hostname doesnt match server certificate"

Wow, this one stumped me for the better part of 12 hrs… So Puppet (the Ruby Gem) uses SSL certificates to authenticate to the Puppet Master.  I kept receiving the warning listed in the title of this post no matter how I altered my configs. Here’s the short version: Determine what Fully Qualified Domain Name is being used by the PuppetMaster to created the signing cert.  On my virtual platform this ended up being the hostname Add that hostname/FQDN and it’s IP address to your PuppetClient’s /etc/hosts like so: 173.999.999.999    hostname Now start up the PuppetMaster Server with the following command # puppetmasterd --verbose --no-daemonize Now invoke the puppet client like so: puppet agent --no-daemonize --verbose --server=HostnameOfServer Finally, now that we know it’s working well edit the /etc/puppet/puppet.conf on Puppet Client so that you have a server entry in the [main] section: [main] server=HostnameOfServer Tada!   Source of partial answer: Puppet hostname doesnt match server certificate - Server Fault.