Uploaded image for project: 'Puppet'
  1. Puppet
  2. PUP-9992

FAIL COMMAND "PUPPET AGENT --TEST" for puppet agent versión 6 on node client Error: Could not run: 403 "Forbidden"

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Normal
    • Resolution: Incomplete
    • PUP 6.5.0
    • None
    • Catalog Application
    • Other
    • Needs Assessment
    • 43890
    • 1
    • Needs Assessment

    Description

      Puppet Version: 6.8.1
      Puppet Server Version:6.5.0
      OS Name/Version: Debian 9

      Fail connect puppet agent 6 with puppetserver 6

       

       

      Desired Behavior:

      Actual Behavior:

       

      Debug: Applying settings catalog for sections main, agent, ssl
      Debug: Could not find library 'selinux' required to enable feature 'selinux'
      Debug: Using settings: adding file resource 'confdir': 'File[/etc/puppetlabs/puppet]{:path=>"/etc/puppetlabs/puppet", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'codedir': 'File[/etc/puppetlabs/code]{:path=>"/etc/puppetlabs/code", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Could not find library 'cfpropertylist' required to enable feature 'cfpropertylist'
      Debug: Puppet::Type::User::ProviderUser_role_add: file roleadd does not exist
      Debug: Puppet::Type::User::ProviderPw: file pw does not exist
      Debug: Could not find library 'ldap' required to enable feature 'ldap'
      Debug: Puppet::Type::User::ProviderLdap: feature ldap is missing
      Debug: Puppet::Type::User::ProviderDirectoryservice: file /usr/bin/uuidgen does not exist
      Debug: /User[puppet]: Provider useradd does not support features libuser; not managing attribute forcelocal
      Debug: Puppet::Type::Group::ProviderPw: file pw does not exist
      Debug: Puppet::Type::Group::ProviderLdap: feature ldap is missing
      Debug: Puppet::Type::Group::ProviderDirectoryservice: file /usr/bin/dscl does not exist
      Debug: /Group[puppet]: Provider groupadd does not support features libuser; not managing attribute forcelocal
      Debug: Using settings: adding file resource 'vardir': 'File[/opt/puppetlabs/puppet/cache]{:path=>"/opt/puppetlabs/puppet/cache", :owner=>"root", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'logdir': 'File[/var/log/puppetlabs/puppet]{:path=>"/var/log/puppetlabs/puppet", :mode=>"750", :owner=>"root", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'statedir': 'File[/opt/puppetlabs/puppet/cache/state]{:path=>"/opt/puppetlabs/puppet/cache/state", :mode=>"1755", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'rundir': 'File[/var/run/puppetlabs]{:path=>"/var/run/puppetlabs", :mode=>"755", :owner=>"root", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'libdir': 'File[/opt/puppetlabs/puppet/cache/lib]{:path=>"/opt/puppetlabs/puppet/cache/lib", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'hiera_config': 'File[/etc/puppetlabs/puppet/hiera.yaml]{:path=>"/etc/puppetlabs/puppet/hiera.yaml", :ensure=>:file, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'preview_outputdir': 'File[/opt/puppetlabs/puppet/cache/preview]{:path=>"/opt/puppetlabs/puppet/cache/preview", :mode=>"750", :owner=>"root", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'certdir': 'File[/etc/puppetlabs/puppet/ssl/certs]{:path=>"/etc/puppetlabs/puppet/ssl/certs", :mode=>"755", :owner=>"root", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'ssldir': 'File[/etc/puppetlabs/puppet/ssl]{:path=>"/etc/puppetlabs/puppet/ssl", :mode=>"771", :owner=>"root", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'publickeydir': 'File[/etc/puppetlabs/puppet/ssl/public_keys]{:path=>"/etc/puppetlabs/puppet/ssl/public_keys", :mode=>"755", :owner=>"root", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'requestdir': 'File[/etc/puppetlabs/puppet/ssl/certificate_requests]{:path=>"/etc/puppetlabs/puppet/ssl/certificate_requests", :mode=>"755", :owner=>"root", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'privatekeydir': 'File[/etc/puppetlabs/puppet/ssl/private_keys]{:path=>"/etc/puppetlabs/puppet/ssl/private_keys", :mode=>"750", :owner=>"root", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'privatedir': 'File[/etc/puppetlabs/puppet/ssl/private]{:path=>"/etc/puppetlabs/puppet/ssl/private", :mode=>"750", :owner=>"root", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'statefile': 'File[/opt/puppetlabs/puppet/cache/state/state.yaml]{:path=>"/opt/puppetlabs/puppet/cache/state/state.yaml", :mode=>"660", :ensure=>:file, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'transactionstorefile': 'File[/opt/puppetlabs/puppet/cache/state/transactionstore.yaml]{:path=>"/opt/puppetlabs/puppet/cache/state/transactionstore.yaml", :mode=>"660", :ensure=>:file, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'clientyamldir': 'File[/opt/puppetlabs/puppet/cache/client_yaml]{:path=>"/opt/puppetlabs/puppet/cache/client_yaml", :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'client_datadir': 'File[/opt/puppetlabs/puppet/cache/client_data]{:path=>"/opt/puppetlabs/puppet/cache/client_data", :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'classfile': 'File[/opt/puppetlabs/puppet/cache/state/classes.txt]{:path=>"/opt/puppetlabs/puppet/cache/state/classes.txt", :mode=>"640", :owner=>"root", :ensure=>:file, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'resourcefile': 'File[/opt/puppetlabs/puppet/cache/state/resources.txt]{:path=>"/opt/puppetlabs/puppet/cache/state/resources.txt", :mode=>"640", :owner=>"root", :ensure=>:file, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'deviceconfdir': 'File[/etc/puppetlabs/puppet/devices]{:path=>"/etc/puppetlabs/puppet/devices", :mode=>"750", :owner=>"root", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'clientbucketdir': 'File[/opt/puppetlabs/puppet/cache/clientbucket]{:path=>"/opt/puppetlabs/puppet/cache/clientbucket", :mode=>"750", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'lastrunfile': 'File[/opt/puppetlabs/puppet/cache/state/last_run_summary.yaml]{:path=>"/opt/puppetlabs/puppet/cache/state/last_run_summary.yaml", :mode=>"644", :ensure=>:file, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'lastrunreport': 'File[/opt/puppetlabs/puppet/cache/state/last_run_report.yaml]{:path=>"/opt/puppetlabs/puppet/cache/state/last_run_report.yaml", :mode=>"640", :ensure=>:file, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'graphdir': 'File[/opt/puppetlabs/puppet/cache/state/graphs]{:path=>"/opt/puppetlabs/puppet/cache/state/graphs", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'pluginfactdest': 'File[/opt/puppetlabs/puppet/cache/facts.d]{:path=>"/opt/puppetlabs/puppet/cache/facts.d", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: Using settings: adding file resource 'localedest': 'File[/opt/puppetlabs/puppet/cache/locales]{:path=>"/opt/puppetlabs/puppet/cache/locales", :ensure=>:directory, :loglevel=>:debug, :links=>:follow, :backup=>false}'
      Debug: /File[/opt/puppetlabs/puppet/cache/state]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache]
      Debug: /File[/opt/puppetlabs/puppet/cache/lib]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache]
      Debug: /File[/etc/puppetlabs/puppet/hiera.yaml]: Adding autorequire relationship with File[/etc/puppetlabs/puppet]
      Debug: /File[/opt/puppetlabs/puppet/cache/preview]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache]
      Debug: /File[/etc/puppetlabs/puppet/ssl/certs]: Adding autorequire relationship with File[/etc/puppetlabs/puppet/ssl]
      Debug: /File[/etc/puppetlabs/puppet/ssl]: Adding autorequire relationship with File[/etc/puppetlabs/puppet]
      Debug: /File[/etc/puppetlabs/puppet/ssl/public_keys]: Adding autorequire relationship with File[/etc/puppetlabs/puppet/ssl]
      Debug: /File[/etc/puppetlabs/puppet/ssl/certificate_requests]: Adding autorequire relationship with File[/etc/puppetlabs/puppet/ssl]
      Debug: /File[/etc/puppetlabs/puppet/ssl/private_keys]: Adding autorequire relationship with File[/etc/puppetlabs/puppet/ssl]
      Debug: /File[/etc/puppetlabs/puppet/ssl/private]: Adding autorequire relationship with File[/etc/puppetlabs/puppet/ssl]
      Debug: /File[/opt/puppetlabs/puppet/cache/state/state.yaml]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache/state]
      Debug: /File[/opt/puppetlabs/puppet/cache/state/transactionstore.yaml]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache/state]
      Debug: /File[/opt/puppetlabs/puppet/cache/client_yaml]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache]
      Debug: /File[/opt/puppetlabs/puppet/cache/client_data]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache]
      Debug: /File[/opt/puppetlabs/puppet/cache/state/classes.txt]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache/state]
      Debug: /File[/opt/puppetlabs/puppet/cache/state/resources.txt]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache/state]
      Debug: /File[/etc/puppetlabs/puppet/devices]: Adding autorequire relationship with File[/etc/puppetlabs/puppet]
      Debug: /File[/opt/puppetlabs/puppet/cache/clientbucket]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache]
      Debug: /File[/opt/puppetlabs/puppet/cache/state/last_run_summary.yaml]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache/state]
      Debug: /File[/opt/puppetlabs/puppet/cache/state/last_run_report.yaml]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache/state]
      Debug: /File[/opt/puppetlabs/puppet/cache/state/graphs]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache/state]
      Debug: /File[/opt/puppetlabs/puppet/cache/facts.d]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache]
      Debug: /File[/opt/puppetlabs/puppet/cache/locales]: Adding autorequire relationship with File[/opt/puppetlabs/puppet/cache]
      Debug: Finishing transaction 47006914087940
      Debug: Runtime environment: puppet_version=6.8.1, ruby_version=2.5.3, run_mode=agent, default_encoding=UTF-8
      Debug: Loading CA certs
      Debug: Dynamically-bound server lookup failed, falling back to ca_server setting: foremanpuppet6.dap.es
      Debug: Dynamically-bound port lookup failed; falling back to ca_port setting: 8140
      Debug: Creating new connection for https://foremanpuppet6.dap.es:8140
      Debug: Starting connection for https://foremanpuppet6.dap.es:8140
      Error: 403 "Forbidden"
      /opt/puppetlabs/puppet/lib/ruby/2.5.0/net/http/response.rb:122:in `error!'
      /opt/puppetlabs/puppet/lib/ruby/2.5.0/net/http/response.rb:131:in `value'
      /opt/puppetlabs/puppet/lib/ruby/2.5.0/net/http.rb:958:in `connect'
      /opt/puppetlabs/puppet/lib/ruby/2.5.0/net/http.rb:920:in `do_start'
      /opt/puppetlabs/puppet/lib/ruby/2.5.0/net/http.rb:915:in `start'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/base_pool.rb:10:in `start'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/nocache_pool.rb:14:in `with_connection'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/connection.rb:345:in `with_connection'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/connection.rb:198:in `block in do_request'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/connection.rb:195:in `upto'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/connection.rb:195:in `do_request'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/connection.rb:90:in `get'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/rest/routes.rb:38:in `block in get_certificate'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/rest/route.rb:73:in `with_base_url'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/rest/routes.rb:30:in `get_certificate'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:47:in `next_state'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:418:in `run_step'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:386:in `block (2 levels) in run_machine'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:385:in `loop'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:385:in `block in run_machine'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:408:in `with_lock'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:384:in `run_machine'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:362:in `ensure_client_certificate'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/agent.rb:481:in `wait_for_certificates'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/agent.rb:354:in `run_command'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `block in run'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:687:in `exit_on_fail'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `run'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:143:in `run'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:77:in `execute'
      /opt/puppetlabs/puppet/bin/puppet:5:in `<main>'
      Error: Could not run: 403 "Forbidden"
      /opt/puppetlabs/puppet/lib/ruby/2.5.0/net/http/response.rb:122:in `error!'
      /opt/puppetlabs/puppet/lib/ruby/2.5.0/net/http/response.rb:131:in `value'
      /opt/puppetlabs/puppet/lib/ruby/2.5.0/net/http.rb:958:in `connect'
      /opt/puppetlabs/puppet/lib/ruby/2.5.0/net/http.rb:920:in `do_start'
      /opt/puppetlabs/puppet/lib/ruby/2.5.0/net/http.rb:915:in `start'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/base_pool.rb:10:in `start'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/nocache_pool.rb:14:in `with_connection'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/connection.rb:345:in `with_connection'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/connection.rb:198:in `block in do_request'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/connection.rb:195:in `upto'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/connection.rb:195:in `do_request'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/network/http/connection.rb:90:in `get'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/rest/routes.rb:38:in `block in get_certificate'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/rest/route.rb:73:in `with_base_url'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/rest/routes.rb:30:in `get_certificate'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:47:in `next_state'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:418:in `run_step'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:386:in `block (2 levels) in run_machine'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:385:in `loop'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:385:in `block in run_machine'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:408:in `with_lock'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:384:in `run_machine'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/state_machine.rb:362:in `ensure_client_certificate'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/agent.rb:481:in `wait_for_certificates'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application/agent.rb:354:in `run_command'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `block in run'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util.rb:687:in `exit_on_fail'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/application.rb:382:in `run'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:143:in `run'
      /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/util/command_line.rb:77:in `execute'
      /opt/puppetlabs/puppet/bin/puppet:5:in `<main>'

       

       

      On puppetserver the agent not fail 

      Run puppet agent with --test --trace --debug

      Debug: Facter: resolving Xen facts.
      Debug: Facter: resolving fips facts.
      Debug: Facter: fact "fips_enabled" has resolved to false.
      Debug: Puppet::Network::Format[msgpack]: feature msgpack is missing
      Debug: catalog supports formats: rich_data_json json rich_data_msgpack pson yaml dot
      Debug: Using cached connection for https://foremanpuppet6.dap.es:8140
      Debug: HTTP POST https://foremanpuppet6.dap.es:8140/puppet/v3/catalog/foremanpuppet6.dap.es returned 200 OK
      Debug: Caching connection for https://foremanpuppet6.dap.es:8140
      Info: Caching catalog for foremanpuppet6.dap.es
      Debug: Not creating default schedules: default_schedules is false
      Debug: Loaded state in 0.05 seconds
      Debug: Loaded transaction store file in 0.00 seconds
      Info: Applying configuration version '1567411168'
      Debug: Finishing transaction 47228601140260
      Debug: Storing state
      Debug: Pruned old state cache entries in 0.00 seconds
      Debug: Stored state in 0.03 seconds
      Notice: Applied catalog in 0.09 seconds
      Debug: Dynamically-bound server lookup failed, falling back to report_server setting: foremanpuppet6.dap.es
      Debug: Dynamically-bound port lookup failed; falling back to report_port setting: 8140
      Debug: Puppet::Network::Format[msgpack]: feature msgpack is missing
      Debug: report supports formats: json pson yaml
      Debug: Puppet::Network::Format[msgpack]: feature msgpack is missing
      Debug: report supports formats: json pson yaml
      Debug: Puppet::Network::Format[msgpack]: feature msgpack is missing
      Debug: report supports formats: json pson yaml
      Debug: Using cached connection for https://foremanpuppet6.dap.es:8140
      Debug: HTTP PUT https://foremanpuppet6.dap.es:8140/puppet/v3/report/foremanpuppet6.dap.es returned 200 OK
      Debug: Caching connection for https://foremanpuppet6.dap.es:8140
      Debug: Closing connection for https://foremanpuppet6.dap.es:8140

      Puppet.conf cliente agent

      [main]
      certname = debian9puppet.dap.es
      reports = foreman
      server = foremanpuppet6.dap.es
      environment = desarrollo
      [agent]
      listen = true
      masterport = 8140
      noop = false
      report = true
      runinterval = 1800
      splay = false
      splaylimit = 1800

       

      On puppetserver with puppet 5 run perfectly

       

       If you exec curl in node agent

      it's not problem

      curl -X GET --cacerppet/ssl/private_keys/debian9puppet.dap.es.pem -H 'Accept: pson' 'https://foremanpuppet6.dap.es:8140/puppet/v3/catalog/debian9puppet.dap.es?environment=desarrollo' -vvv

      Note: Unnecessary use of -X or --request, GET is already inferred.

      • Trying 10.239.213.212...
      • TCP_NODELAY set
      • Connected to foremanpuppet6.dap.es (10.239.213.212) port 8140 (#0)
      • ALPN, offering h2
      • ALPN, offering http/1.1
      • Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
      • successfully set certificate verify locations:
      • CAfile: /etc/puppetlabs/puppet/ssl/certs/ca.pem
        CApath: /etc/ssl/certs
      • TLSv1.2 (OUT), TLS header, Certificate Status (22):
      • TLSv1.2 (OUT), TLS handshake, Client hello (1):
      • TLSv1.2 (IN), TLS handshake, Server hello (2):
      • TLSv1.2 (IN), TLS handshake, Certificate (11):
      • TLSv1.2 (IN), TLS handshake, Request CERT (13):
      • TLSv1.2 (IN), TLS handshake, Server finished (14):
      • TLSv1.2 (OUT), TLS handshake, Certificate (11):
      • TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
      • TLSv1.2 (OUT), TLS handshake, CERT verify (15):
      • TLSv1.2 (OUT), TLS change cipher, Client hello (1):
      • TLSv1.2 (OUT), TLS handshake, Finished (20):
      • TLSv1.2 (IN), TLS change cipher, Client hello (1):
      • TLSv1.2 (IN), TLS handshake, Finished (20):
      • SSL connection using TLSv1.2 / AES256-SHA256
      • ALPN, server did not agree to a protocol
      • Server certificate:
      • subject: CN=foremanpuppet6.dap.es
      • start date: Aug 27 13:58:04 2019 GMT
      • expire date: Aug 24 13:58:13 2034 GMT
      • subjectAltName: host "foremanpuppet6.dap.es" matched cert's "foremanpuppet6.dap.es"
      • issuer: CN=Puppet CA: foremanpuppet6.dap.es
      • SSL certificate verify ok.
        > GET /puppet/v3/catalog/debian9puppet.dap.es?environment=desarrollo HTTP/1.1
        > Host: foremanpuppet6.dap.es:8140
        > User-Agent: curl/7.52.1
        > Accept: pson
        >
        < HTTP/1.1 200 OK
        < Date: Tue, 03 Sep 2019 12:24:01 GMT
        < Content-Type: text/pson;charset=iso-8859-1
        < X-Puppet-Version: 6.8.1
        < Vary: Accept-Encoding, User-Agent
        < Transfer-Encoding: chunked
        <
        {"tags":["role::base","role","base","role::basico", ........

       

       

       

       

      Attachments

        Activity

          People

            Unassigned Unassigned
            fjfc83 Francisco José Fernández Cabezón
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Zendesk Support