Capsule installation fails when already registered to the puppet master with the error: "Failed to call refresh: /usr/bin/puppet cert --generate capsule.example.com returned 23 instead of one of [0]"
Environment
- Red Hat Satellite 6
Issue
- When installing a capsule already registered to the Puppet master, it throws the error below:
/usr/bin/puppet cert --generate capsulexx.usersys.redhat.com returned 23 instead of one of [0]
/Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]/returns: change from notrun to 0 failed:
/usr/bin/puppet cert --generate capsulexx.usersys.redhat.com returned 23 instead of one of [0]
/Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]:
Failed to call refresh: /usr/bin/puppet cert --generate capsulexx.usersys.redhat.com returned 23 instead of one of [0]
/Stage[main]/Puppet::Server::Config/Exec[puppet_server_config-generate_ca_cert]:
/usr/bin/puppet cert --generate capsulexx.usersys.redhat.com returned 23 instead of one of [0]
Installing
Done [100%] [.................................................................................................]
Something went wrong! Check the log for ERROR-level output
The full log is at /var/log/katello-installer/capsule-installer.log
Resolution
- To workaround this issue execute the steps below:
on the Satellite server
====
# puppet cert clean capsulexx.rdu.redhat.com
on the Capsule
=====
# find /var/lib/puppet/ssl/ -type f -exec rm -f {} \;
# find /etc/puppet/ -iname "*pem" -type f -exec rm -f {} \;
- Then re-run the capsuler-installer :
[root@capsulexx ~]# capsule-installer --parent-fqdn "dhcp145-230.rdu.redhat.com" \
--register-in-foreman "true" \
--foreman-oauth-key "2WfTrt2eC6VPsHKraRwapKr3Z2nNSfbj" \
--foreman-oauth-secret "PqQ9W5WwhCgDg4cRfw5V2mmFJ382LJFJ" \
--pulp-oauth-secret "QnRMy4ejFCUAjuLHxZp6sM9bQgPHsfeU" \
--certs-tar "/root/capsulexx.usersys.redhat.com.tar" \
--puppet "true" \
--puppetca "true" \
--pulp "true"
[...SNIP...]
system identity: 54367bd8-61b7-4d90-9d80-653c3d83b8ae
Installing Done
[100%] [.................................................................................................]
Success!
* Capsule is running at https://capsulexx.usersys.redhat.com:9090
The full log is at /var/log/katello-installer/capsule-installer.log
- This issue is being tracked by the bugzilla#1187264.
Root Cause
- This happens because the directory
/var/lib/puppet/sslalready have the SSL certificate created.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Close
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.