0

One of our machines was recently put behind an SSL proxy, and since then I can't connect to Puppet; it fails with "Could not evaluate: certificate verify failed."

I have checked that the dates match and regenerated the certificates, but to no avail.

Debugging the verification with "openssl s_client -showcerts -connect puppetmaster:puppetmasterport" shows "Verify return code: 0 (ok)".

Initially the proxy SSL certificate was not recognized, with a "Verify return code: 20 (unable to get local issuer certificate)" problem, which was then fixed with the answer in the question "Adding root certificate to CentOS 5".

Onitlikesonic

1 Answer

1

This seems to have solved my problem:

You need to add the top-level CA pub key to /var/lib/puppet/ssl/certs/ca.pem

Reference: https://groups.google.com/forum/?fromgroups=#!topic/puppet-users/VVGkYArpYfI

Onitlikesonic
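An added example (not part of the original question or answer) showing how a client that trusts only its own CA file, as the answer implies for Puppet, rejects a certificate until the issuing root is appended to that file. It assumes the proxy presents a certificate issued by its own root; the names puppet-ca, proxy-root and puppetmaster and every key and certificate are constructed locally.

```shell
#!/bin/sh
# Constructed demo: every key, certificate and name here is generated locally.
# Assumption: the proxy re-signs the master's certificate with its own root CA.

make_ca() {    # make_ca DIR NAME: self-signed root CA (NAME.key, NAME.pem)
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

make_leaf() {  # make_leaf DIR CA NAME: server cert NAME.pem issued by CA
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.pem" -CAkey "$1/$2.key" \
        -CAcreateserial -days 2 -out "$1/$3.pem" 2>/dev/null
}

chain_ok() {   # chain_ok BUNDLE CERT: 0 only if CERT chains to a CA in BUNDLE
    # Match the "cert.pem: OK" line instead of relying on the exit status.
    openssl verify -CAfile "$1" "$2" 2>&1 | grep -q ': OK$'
}

setup_demo() { # build the scenario in a temp dir and print its path
    d=$(mktemp -d) || return 1
    make_ca "$d" puppet-ca && make_ca "$d" proxy-root &&
    make_leaf "$d" proxy-root puppetmaster &&
    cp "$d/puppet-ca.pem" "$d/ca.pem" &&   # stand-in for the agent's ca.pem
    echo "$d"
}

d=$(setup_demo) || exit 1
# ca.pem holds only the Puppet CA, so the proxy-issued cert has no known issuer.
chain_ok "$d/ca.pem" "$d/puppetmaster.pem" && echo "before: ok" || echo "before: verify failed"
# The fix from the answer, applied to the demo copy: append the top-level CA cert.
cat "$d/proxy-root.pem" >> "$d/ca.pem"
chain_ok "$d/ca.pem" "$d/puppetmaster.pem" && echo "after: ok" || echo "after: verify failed"
rm -rf "$d"
```

The same `openssl verify -CAfile` check can be pointed at a real CA file and a certificate saved from the `s_client -showcerts` output to see which issuer is missing before editing anything.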