Installing Puppet Enterprise on an agent node from the PE package management repository fails with error code 60.
Error messages and logs
curl -k https://<PRIMARY SERVER URL>:8140/packages/current/install.bash | sudo bash
% Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 26355 100 26355 0 0 160k 0 -::- -::- -::- 160k bulk downloading plugins E: 'curl --cacert /etc/puppetlabs/puppet/ssl/certs/ca.pem -o /tmp/tmp.rPSRhMMdl1 -L --write-out % {http_code} -s https://<PRIMARY SERVER URL>:8140/packages/bulk_pluginsync.tar.gz ' failed (exit_code: 60) Error code 60 attempting to reach https://<PRIMARY SERVER URL>:8140/packages/bulk_pluginsync.tar.gz
Version and installation information
PE version: All supported
Solution
-
If you previously installed Puppet Enterprise on the affected node, check
/etc/puppetlabs/puppet/ssl/certs/ca.pemfor a previously-issued, invalid certificate authority (CA) certificate. If you have an invalid CA cert, on the affected agent node, back up the certificate and remove the old certs. For example:mv /etc/puppetlabs/puppet/ssl /etc/puppetlabs/puppet/ssl.bakAfter that, you should be able to install PE on the agent node. During installation, valid certs will be regenerated for the agent and a valid CA cert will be retrieved from the primary server.
-
If the primary server is accessing the agent node indirectly, for example, via a proxy or firewall, networking equipment might be terminating SSL in transit, so the correct CA cert causes an SSL error. In that case, resolve network issues to ensure that the agent can connect with the primary server on the required ports. When they’re resolved, you should be able to install PE on the agent node.
How can we improve this article?
0 comments
Please sign in to leave a comment.
Related articles