I am setting up the free version of Puppet. I cannot get a certificate on my Puppet agent server. I have Puppet master installed on Centos 7. I have Puppet Agent installed on Centos7. When I run puppet agent -t --verbose (on the agent server, when I am logged in as root), I get this error:
"Error could not request certificate: SSL_connect returned=1 errno=0 State=SSLv2/v3 read server hello A: unknown protocol"
My /etc/ssh/sshd_config file on both Linux servers is configured to allow ports 22, 443, 8140, and 61610. I tested these ports being open with ssh -p commands.
I ran `openssl s_client -connect :8140 --showcerts`
The output showed this:
...
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 0 bytes.
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session
...
I am using a version of OpenSSL from January of 2013. Why cannot my Puppet Agent server get a certificate from the Puppet Master server? I don't know how to interpret the output of the openssl command above.
Can two Linux servers use SSH when different versions of OpenSSL are installed in each of them? I have tried the openssl command above when both versions were the same. I also tried a newer version of OpenSSL.
↧
