puppet agent not able to connect to master

Question

on master:

puppetserver ca list Traceback (most recent call last):
9: from /opt/puppetlabs/server/apps/puppetserver/cli/apps/ca:5:in '<main>'
8: from /opt/puppetlabs/puppet/lib/ruby/vendor_gems/gems/puppetserver-ca-1.8.0/lib/puppetserver/ca/cli.rb:94:in 'run'
7: from /opt/puppetlabs/puppet/lib/ruby/vendor_gems/gems/puppetserver-ca-1.8.0/lib/puppetserver/ca/action/list.rb:78:in 'run'
6: from /opt/puppetlabs/puppet/lib/ruby/vendor_gems/gems/puppetserver-ca-1.8.0/lib/puppetserver/ca/action/list.rb:167:in 'get_all_certs'
5: from /opt/puppetlabs/puppet/lib/ruby/vendor_gems/gems/puppetserver-ca-1.8.0/lib/puppetserver/ca/action/list.rb:167:in 'new'
4: from /opt/puppetlabs/puppet/lib/ruby/vendor_gems/gems/puppetserver-ca-1.8.0/lib/puppetserver/ca/certificate_authority.rb:26:in 'initialize'
3: from /opt/puppetlabs/puppet/lib/ruby/vendor_gems/gems/puppetserver-ca-1.8.0/lib/puppetserver/ca/certificate_authority.rb:26:in 'new'
2: from /opt/puppetlabs/puppet/lib/ruby/vendor_gems/gems/puppetserver-ca-1.8.0/lib/puppetserver/ca/utils/http_client.rb:23:in 'initialize'
1: from /opt/puppetlabs/puppet/lib/ruby/vendor_gems/gems/puppetserver-ca-1.8.0/lib/puppetserver/ca/utils/http_client.rb:144:in 'make_store'
/opt/puppetlabs/puppet/lib/ruby/vendor_gems/gems/puppetserver-ca-1.8.0/lib/puppetserver/ca/utils/http_client.rb:144:in add_file': system lib (OpenSSL::X509::StoreError)

On agent:

osboxes@ubuntuagent:~$ sudo ufw disable

Firewall stopped and disabled on system startup osboxes@ubuntuagent:~$ osboxes@ubuntuagent:~$ sudo systemctl restart puppet osboxes@ubuntuagent:~$ sudo systemctl status puppet ● puppet.service - Puppet agent Loaded: loaded (/lib/systemd/system/puppet.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2020-08-04 08:56:55 EDT; 12s ago Main PID: 6239 (puppet) Tasks: 2 (limit: 2321) Memory: 45.5M CGroup: /system.slice/puppet.service └─6239 /opt/puppetlabs/puppet/bin/ruby /opt/puppetlabs/puppet/bin/puppet agent --no-daemonize

Aug 04 08:56:55 ubuntuagent systemd[1]: Started Puppet agent. Aug 04 08:56:59 ubuntuagent puppet-agent[6239]: Request to https://ubuntuserver:8140/puppet-ca/v1 failed after Aug 04 08:56:59 ubuntuagent puppet-agent[6239]: Wrapped exception: Aug 04 08:56:59 ubuntuagent puppet-agent[6239]: Failed to open TCP connection to ubuntuserver:8140 (Connection Aug 04 08:56:59 ubuntuagent puppet-agent[6239]: No more routes to ca

Answer 1

Your certficates are configured incorrectly, most likely on the server side. This is indicated by this line:

/opt/puppetlabs/puppet/lib/ruby/vendor_gems/gems/puppetserver-ca-1.8.0/lib/puppetserver/ca/utils/http_client.rb:144:in add_file': system lib (OpenSSL::X509::StoreError)