Comments (6)
This log entry indicates that it could not connect to the configured PuppetDB server:
ERROR:pypuppetdb.api:Could not reach PuppetDB on puppet-test01.smaatolabs.net:8081 over HTTPS.
Either because it cannot resolve the name, the port isn't open or HTTPS is not properly configured.
The issue is connection related, not software.
from puppetboard.
It's most likely a certificate configuration issue.
If PuppetDB and Puppetboard are on the same machine don't use the HTTPS/SSL setup, use plain connection on port 8080.
Otherwise, make sure SSL_KEY and SSL_CERT are readable by the user that is running Puppetboard (apache perhaps) and make sure the full path can be read. Just because a file is 0644 doesn't mean you can actually access the file starting from /.
Also, set SSL_VERIFY to a path that contains the Puppet CA pem file, located by default in /var/lib/puppet/ssl/certs/ca.pem
.
from puppetboard.
It's not a connection problem. I checked that via telnet:
# telnet puppet-test01.smaatolabs.net 8081
Trying 10.128.18.5...
Connected to ec2-54-XXX-96-84.compute-1.amazonaws.com.
Escape character is '^]'.
^]
telnet> quit
Connection closed.
Also the certificate stuff should be right. A SSL handshake is possible:
# openssl s_client -key /var/lib/puppet/ssl/private_keys/puppetboard-test01.ec2.internal.pem -cert /var/lib/puppet/ssl/certs/puppetboard-test01.ec2.internal.pem -CAfile /var/lib/puppet/ssl/certs/ca.pem -connect puppet-test01.smaatolabs.net:8081
CONNECTED(00000003)
depth=1 CN = Puppet CA: puppet-test01.smaatolabs.net
verify return:1
depth=0 CN = puppet-test01.smaatolabs.net
verify return:1
---
Certificate chain
0 s:/CN=puppet-test01.smaatolabs.net
i:/CN=Puppet CA: puppet-test01.smaatolabs.net
---
Server certificate
-----BEGIN CERTIFICATE-----
XXX
-----END CERTIFICATE-----
subject=/CN=puppet-test01.smaatolabs.net
issuer=/CN=Puppet CA: puppet-test01.smaatolabs.net
---
Acceptable client certificate CA names
/CN=Puppet CA: puppet-test01.smaatolabs.net
---
SSL handshake has read 1733 bytes and written 4236 bytes
---
XXX
---
asdfs
HTTP/1.1 400 Bad Request
Content-Length: 0
Connection: close
Server: Jetty(7.x.y-SNAPSHOT)
I will now check the file permissions
from puppetboard.
There was a permission problem. I changed that so the the openssl connect command was also possible as user www-data
.
Unfortunately I get still the same error in the log.
from puppetboard.
Did you set SSL_VERIFY to the ca.pem file?
from puppetboard.
That has fixed it, thanks
from puppetboard.
Related Issues (20)
- memcached enabled and 'Error: no memcache module found'
- Localize timezones on dailyReportsChart
- Regular expressions in the node tab
- Add OpenShift Template to build Puppetboard
- The PUPPETBOARD_URL_PREFIX does not set flask's APPLICATION_ROOT
- system_uptime structured fact does not sort correctly
- Puppetboard 4.3.0 very slow with Chrome Dark Reader extension HOT 1
- Unable to setup puppetboard on ubuntu HOT 1
- Inventory tab feature legacy facts HOT 2
- puppetboard fails to start with scheduler enabled
- [BUG] applied changes during puppet run show empty on puppetboard if containing xml HOT 1
- puppetboard fails to start because module 'flask.json' has no attribute 'JSONEncoder'
- Setting GRAPH_FACTS causes a 500 error
- Intermittent errors after PuppetDB 8.0 to 8.1 upgrade HOT 13
- better support structured facts HOT 2
- Facts only showing RedHat HOT 1
- Pattern for python_version do not allow 3.11 HOT 3
- Make it More Apparent that SECRET_KEY cannot be blank HOT 3
- Allow puppetboard to start without a running puppetdb
- Offline mode tries to load external resources HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from puppetboard.