Could not evaluate: certificate verify failed while using ssl proxy

Posted by Onitlikesonic on Server Fault See other posts from Server Fault or by Onitlikesonic
Published on 2012-10-12T08:10:21Z Indexed on 2012/10/12 9:40 UTC
Read the original article Hit count: 324

Filed under:

centos5

|

puppet

|

puppetmaster

One of our machines was recently put behind an SSL proxy and since then I can't connect to puppet with "Could not evaluate: certificate verify failed."

I have checked that the dates match, regenerated the certificates but to no avail.

Debugging the verification with "openssl s_client -showcerts -connect puppetmaster:puppetmasterport" shows "Verify return code: 0 (ok)"

Initially the Proxy SSL Certificate was not recognized with a "Verify return code: 20 (unable to get local issuer certificate)" problem which was then fixed with the answer in the question: Adding root certificate to CentOS 5

© Server Fault or respective owner

Related posts about centos5

slow network in centos5 VM with centos5 host running KVM

as seen on Server Fault - Search for 'Server Fault'
I setup KVM following the guide here: http://www.cyberciti.biz/faq/centos-rhel-linux-kvm-virtulization-tutorial/ I setup a bridged network and it worked fine except that the transfer speed is 200KB/s instead of the gigabit speed that I get on the host machine by itself. I tried editing the guest… >>> More
slow network in centos5 VM with centos5 host running KVM

as seen on Server Fault - Search for 'Server Fault'
I setup KVM following the guide here: http://www.cyberciti.biz/faq/centos-rhel-linux-kvm-virtulization-tutorial/ I setup a bridged network and it worked fine except that the transfer speed is 200KB/s instead of the gigabit speed that I get on the host machine by itself. I tried editing the guest… >>> More
where is apache folder (path) for centos5

as seen on Stack Overflow - Search for 'Stack Overflow'
hi, i need the apache folder (path) for centos5 >>> More
X11 performance problem after upgrading from Centos3 to Centos5 with an ATI Rage XL

as seen on Server Fault - Search for 'Server Fault'
After upgrading a computer from Centos3 to Centos5 an application that does a lot of scrolling took a very high performance hit. top tells me that X is using a lot of CPU and that was not happening before. The machine has an ATI Rage XL with 8MB and X is using the ati driver as there is no proprietary… >>> More
Enable PDO for PHP5 on CentOS5 where PHP is configured as '--disable-pdo'

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi I have been given access to a CentOS5 machine by my client for their new site which uses Zend Framework. phpinfo() states in Configure Command that PDO is disabled ('--disable-pdo'). How can enable it? Do I need to recompile PHP5 to enable it? I have tried adding 'extension=pdo.so' in php.ini… >>> More

Related posts about puppet

migrating puppet clients to a new puppet master (old puppet master server gone, only using backup)

as seen on Server Fault - Search for 'Server Fault'
My puppet master server had a hardware failure, and I have restored to another box. However this box has different hardware and hostname. If I restore the existing /etc/puppet directory to the new server, the puppetmaster will not start with the following error; # puppetmasterd --debug --verbose Could… >>> More
puppet rspec no such file to load -- rspec-puppet (LoadError)

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I have no prior experience at all of ruby. I am not interested in ruby (and so have no knowledge of rails etc) as such but am using puppet to manage a group of servers. I have written some modules and the rspec-puppet system looks like it would be very useful. However, I cannot get rspec-puppet… >>> More
Puppet: Making Windows Awesome Since 2011

as seen on Geeks with Blogs - Search for 'Geeks with Blogs'
Originally posted on: http://geekswithblogs.net/robz/archive/2014/08/07/puppet-making-windows-awesome-since-2011.aspxPuppet was one of the first configuration management (CM) tools to support Windows, way back in 2011. It has the heaviest investment on Windows infrastructure with 1/3 of the platform… >>> More
What causes this logrotate behavior in Puppet?

as seen on Server Fault - Search for 'Server Fault'
After running logrotate, Puppet starts writing it's logs into /var/log/puppet/masterhttp.log-20130616. How come it doesn't keep logging in /var/log/puppet/masterhttp.log? It seems normal behavior is renaming the original log-file and start with a clean fresh log-file to start writing in that log… >>> More
solved: puppet master REST API returns 403 when running under passenger works when master runs from command line

as seen on Server Fault - Search for 'Server Fault'
I am using the standard auth.conf provided in puppet install for the puppet master which is running through passenger under Nginx. However for most of the catalog, files and certitifcate request I get a 403 response. ### Authenticated paths - these apply only when the client ### has a valid certificate… >>> More