Here are a few tips for new Puppet users (using "example.com" as your domain):

To avoid this error:

Could not request certificate: The certificate retrieved from the master does not match the agent's private key

do this:

Name the Puppet server whatever you want except "puppet.example.com" but configure Puppet to use puppet.example.com for its certname. Also configure DNS for puppet.example.com to point to your Puppet server. The Puppet server will use its hostname for the Puppet agent and the puppet.example.com name for the Puppet server. If they are the same, Puppet will have lots of SSL-related problems.

To avoid this error:

puppet Error 400 on SERVER: Not authorized on /file_metadata

do this:

Wait. Assuming you have configured everything correctly, you will simply be surprised by how long this can take to work. Just try again and once more and repeatedly.

To avoid this error:

certificate is not yet valid for <some information referring to your Puppet server>

do this:

Check the date and time settings on the client and server. Could be that the certificate is not yet valid.

To deal with this error:

Exiting; no certificate found and waitforcert is disabled

do this:

Make sure Windows hasn't changed the DNS suffix for your network adapter.

Do not use the included Puppet file server and "file" type to distribute packages. It will keep copying the package to clients even after the package was installed and is now longer needed on the client. Use "file" to distribute configuration files.

Use Samba to create a share /export and use a symlink /etc/puppet/files to link to it. Use the Samba share to distribute and install packages like this (in site.pp):


Find a link to copyable text at the bottom of this blog entry. Obviously you can also use a CIFS share on any other server for this.

Use an administrator account "puppet" to run the Puppet service on Windows. Otherwise it won't have access to the network (unless you are in a domain where you can grant access to shares to computer accounts).

Unformatted but copy-and-pasteable Puppet site.pp code to install and uninstall JDK

 © Andrew Brehm 2016