How Do You Troubleshoot the Puppet Error “Could not send report: SSL_connect returned=1 errno=0 state=error: certificate verify failed”?

Problem scenario
You try to connect to Puppet master from Puppet agent for the first time (to get the certificate signed).  You run this command:  puppet agent -t -d

But you get this error:  "Error: Could not send report: SSL_connect returned=1 errno=0 state=error:  certificate verify failed:"

What should you do?

Are you changing the Puppet master for the Puppet agent?  It is acceptable to configure a Puppet agent to communicate with a new Puppet master server.  If that is the what recently happened, or you are desparate to try something new, back up the .pem file on the Puppet agent node.  Find the name of the .pem file.  It will often be like this:


For the sake of identifying the name, replace "FQDNofPuppetMaster" in the above with the FQDN of the Puppet master server.  It will often be in a directory named "ssl" on the Puppet agent server.  You may want to search for it like this:  sudo find / -name ssl -type d

You may want to back it up to some other directory.  Then delete the original file from the ssl directory.

Now run the Puppet agent process again:  sudo puppet agent -t -d

The error should go away.  A second potential root cause to this problem is that the SSL port was blocked between the Puppet agent and Puppet master server.

Leave a comment

Your email address will not be published. Required fields are marked *