Setup Puppet Certs Autosign

andrzej · June 12, 2020, 10:24am

I have as well issue with this task
It failed wit message:

it seems like ‘autosign’ config file under ‘/etc/puppetlabs/puppet’ is not configured properly as per ‘dns_alt_name’ on puppet master i.e Jump Server
Most likely there is a typo as it should be: dns_alt_names

Please have a look !

urbansumo · June 12, 2020, 11:32am

I also failed at this task with very same error, but not sure if I missed something or the marking system is bugged. I got all my client certificates autosigned OK but hitting FINISH I got this error. any hints as to what i may have missed?

andrzej · June 12, 2020, 11:44am

Let see. I think that typo is an issue and validation script is looking for dns_alt_name and not for dns_alt_names. But let see what KKE team responds.

francilio · June 12, 2020, 2:43pm

Did you configure the autosign.conf file? Which domain names did you put in there?

Goldenor · June 12, 2020, 3:10pm

The same issue here

ahmedkuet · June 13, 2020, 1:10am

@andrzej, I think you have to add, “autosign = true” under [master] section of puppet.conf file.

wfranca · June 13, 2020, 5:22am

The same result for me

andrzej · June 13, 2020, 5:51am

i dont think so, u see in screenshots that autosign works fine.

Inderpreet · June 13, 2020, 6:36am

Thanks for reporting this guys, this question was having some missing information and we have modified it to add required details. This task has been marked as Pending for all who failed it so they can give it an another shot.

Jenna · June 13, 2020, 1:10pm

@Inderpreet

I kept getting
puppet-agent[494]: bad component(expected host component): jump_host.stratos.xfusioncorp.com
at the client restart puppet.

what did i do wrong?

Tej-Singh-Rana · June 13, 2020, 4:30pm

Have you did entry alias name in your /etc/hosts?

Nautilus · June 14, 2020, 7:00am

Why does it says to use dns_alt_name instead of dns_alt_names.

Is this correct?

andrzej · June 14, 2020, 7:13am

It is partially correct. The option is dns_alt_names and list all aliases for puppetserver. So to add one alias you can unofficially name it dns_alt_name.

raiveton · June 16, 2020, 5:42am

Hi all! I got this message:

- Make sure puppet has signed certificates for ‘master’ node as well as for all ‘agent’ nodes

but testing puppet agents works…

blindcant · June 16, 2020, 8:51am

I had the same problem with this task yesterday but mine is still marked as failed. Will mine be marked as pending so I can do it again?

- puppet 'autosign' config file is not found under '/etc/puppetlabs/puppet' on puppet master i.e Jump Server

blindcant · June 24, 2020, 7:39am

My task is still marked as failed, will it be marked as pending like the other people?

blindcant · June 28, 2020, 11:00am

@Inderpreet my initial attempt at this task is still marked as failed, I just redid that task with I believe the same steps and it worked this time and is marked as successful. According to this thread there was a bug in this task and people got another chance to re do it (marked as pending) or in another thread with a user named Jenna you marked it as complete (successful). Can you please either mark my first attempt as pending or sucessful?

Inderpreet · July 10, 2020, 8:28am

@raiveton @blindcant can you please share your KKE username ?

blindcant · July 17, 2020, 10:45am

I sent it through as a message, did you get it?

Inderpreet · July 18, 2020, 5:31pm

@blindcant can you please share here instead.