Article Number
000032269
Applies To
RSA Product Set: Security Analytics
RSA Product/Service Type: Security Analytics Server
RSA Version/Condition: 10.5.0.0
Platform: CentOS
O/S Version: EL6
Issue
When trying to deploy a new appliance on SA UI we see below errors on /var/log/messages after running puppet agent -t on the appliance:
puppet-agent[24194]: Could not retrieve catalog from remote server: Server hostname 'puppetmaster.local' did not match server certificate; expected one of NODE_ID_OF_APPLIANCE, DNS:Dns_Server, DNS:NODE_ID_OF_APPLIANCE, DNS:puppet, DNS:Puppet_DNS_Server
puppet-agent[24194]: Using cached catalog
puppet-agent[24194]: Could not retrieve catalog; skipping run
puppet-agent[24194]: Could not send report: Server hostname 'puppetmaster.local' did not match server certificate; expected one of NODE_ID_OF_APPLIANCE, DNS:Dns_Server, DNS:NODE_ID_OF_APPLIANCE, DNS:puppet, DNS:Puppet_DNS_Server
Resolution
Issue the commands below on the Security Analytics server and on the affected appliance.
# service puppet stop
# service puppetmaster stop (SA server only)
# service rabbitmq-server stop
# cd /var/lib/puppet
# mv ssl ssl.bad
# mv state state.bad
# service puppetmaster start (SA server only)
# service rabbitmq-server start
# service puppet start
# puppet agent -t
