Puppet client not connection to master - SSL connect Error

Solution 1:

Try making an entry in /etc/hosts

127.0.0.1 localhost.localdomain localhost puppet

remove the --server argument to the puppet agent command.

Solution 2:

Find out the FQDN of your puppetmaster by issuing:

# openssl x509 -noout -subject -in /var/lib/puppet/ssl/ca/ca_crt.pem
subject= /CN=Puppet CA: host.domain.com

Compare with the output (if any) of:

# puppet cert list --all

Add an entry to your /etc/hosts file pointing the IP listening in the puppetmaster port (8140):

192.168.124.2  host.domain.com host

To find out which IP to use, you need to know the process listening, which is different if this is a standalone puppetmaster or an apache+passenger installation. You can use:

netstat -an | grep 8140.*LISTEN

Check your /etc/puppet/puppet.conf file, specifically the server= entry, which should be pointing to the FQDN described above.

Don't use localhost, unless you don't want this puppetmaster to be found.

Before starting the pupppet agent, issue:

# puppet agent --test --waitforcet 2

which instructs the agent to send a CSR to the puppetmaster CA and wait for it to be signed.

Check using

# puppet cert --list

The pending to sign CSR. Sign it:

# puppet cert sign host.domain.com

Watch puppet agent receive a compiled catalog and apply it. After that, you are ready to start the agent and add it to the startup scripts.