I'm running into certificate errors when I run "puppet agent -t" using a vault lookup module in my branch for the agent config. Here's the errors I get:
"Failed to apply catalog: certificate verify failed" and "The certificate for does not match its private key"
The error persists even after I swap back to the production branch for the agent, where we then have to do an SSL clean to get the prod agent config to apply successfully.
Would setting up puppet to be the intermediaery CA be a good idea? Anybody run into this before?
We also setup approle auth for vault, but to no avail. Any help would be appreciated, thanks!
Unsuccessful solutions: vault app role auth, generating new keys, defining the ssl_cert manually in the agent config, and cleaning the agent cert from the master.
