[Pkg-puppet-devel] Bug#495939: local host fails to sync with mongrel when CRLs are in use with apache2

martin f krafft madduck at debian.org
Thu Aug 21 12:58:00 UTC 2008

Package: puppet
Version: 0.24.5-2
Severity: normal
Tags: upstream

After switching to mongrel (and recreating the certificate for the
local puppetd), it won't sync with puppet anymore:

  err: /File[/var/lib/puppet/lib]: Failed to generate additional
  resources during transaction: Certificates were not trusted: tlsv1
  alert decrypt error

The only way to make it work again is by commenting
  SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem
in the apache2 configuration.

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.25-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages puppet depends on:
ii  adduser                       3.110      add and remove users and groups
ii  facter                        1.5-0.1    a library for retrieving facts fro
ii  libopenssl-ruby               4.2        OpenSSL interface for Ruby
ii  libruby [libxmlrpc-ruby]      4.2        Libraries necessary to run Ruby 1.
ii  libshadow-ruby1.8             1.4.1-8    Interface of shadow password for R
ii  libxmlrpc-ruby                4.2        transitional dummy package
ii  lsb-base                      3.2-20     Linux Standard Base 3.2 init scrip
ii  ruby                          4.2        An interpreter of object-oriented 

Versions of packages puppet recommends:
ii  rdoc                          4.2        Generate documentation from ruby s

puppet suggests no packages.

-- no debconf information

 .''`.   martin f. krafft <madduck at debian.org>
: :'  :  proud Debian developer, author, administrator, and user
`. `'`   http://people.debian.org/~madduck - http://debiansystem.info
  `-  Debian - when you have better things to do than fixing systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/)
Url : http://lists.alioth.debian.org/pipermail/pkg-puppet-devel/attachments/20080821/645b727a/attachment.pgp 

More information about the Pkg-puppet-devel mailing list