Ordering of certificate generation causes private key mismatch
There's an intermittent issue on our Foreman/Puppet installation tests causing a private key/certificate mismatch across multiple OSes.
When running the agent after, it shows errors such as:
# (in test file /usr/bin/fb-puppet-tests.bats, line 94) # `puppet agent -v -o --no-daemonize' failed # [1;31mError: Could not request certificate: The certificate retrieved from the master does not match the agent's private key. # Certificate fingerprint: B8:19:7E:01:9A:03:3F:05:88:B0:B2:C5:D8:A8:3C:C9:9B:C7:0B:AF:21:E2:28:4F:EB:E8:4E:32:C4:A4:6D:B1 # To fix this, remove the certificate from both the master and the agent and then start a puppet run, which will automatically regenerate a certficate. # On the master: # puppet cert clean foreman-el6.example.com # On the agent: # 1a. On most platforms: find /etc/puppetlabs/puppet/ssl -name foreman-el6.example.com.pem -delete # 1b. On Windows: del "/etc/puppetlabs/puppet/ssl/foreman-el6.example.com.pem" /f # 2. puppet agent -t