Puppet agent can't connect to master

[erdogancel]

Hi all,

I am setting up new puppet master in AWS and I already have a puppet master configured in on-premise. I created SSL cert for the new AWS master node but when I test from puppet agent getting below error. The agent and puppet master in on-premise connects and works fine without any issue.

These are the details of each puppet master and puppet agent.

AWS Puppet Master on RHEL8
puppet-agent-7.9.0-1.el8.x86_64 puppetserver-7.4.2-1.el8.noarch

On-premise Puppet Master on RHEL7
puppetserver-7.4.2-1.el7.noarch puppet-agent-7.9.0-1.el7.x86_64

On-premise Puppet Agent on RHEL7
puppet-agent-6.8.0-1.el7.x86_64

Warning: Unable to fetch my node definition, but the agent run will continue: Warning: certificate verify failed [unable to get local issuer certificate for CN=xyz.ast.com] Info: Retrieving pluginfacts Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Failed to generate additional resources using 'eval_generate': certificate verify failed [unable to get local issuer certificate for CN=xyz.ast.com] Error: /File[/opt/puppetlabs/puppet/cache/facts.d]: Could not evaluate: Could not retrieve file metadata for puppet:///pluginfacts: certificate verify failed [unable to get local issuer certificate for CN=xyz.ast..com] Info: Retrieving plugin Error: /File[/opt/puppetlabs/puppet/cache/lib]: Failed to generate additional resources using 'eval_generate': certificate verify failed [unable to get local issuer certificate for CN=xxx.ast.com] Error: /File[/opt/puppetlabs/puppet/cache/lib]: Could not evaluate: Could not retrieve file metadata for puppet:///plugins: certificate verify failed [unable to get local issuer certificate for CN=xyz.ast.com] Error: Could not retrieve catalog from remote server: certificate verify failed [unable to get local issuer certificate for CN=xyz.ast.com] Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run

[[email protected] ec2-user]# /opt/puppetlabs/bin/puppet agent --test Info: Using configured environment 'production' Info: Retrieving pluginfacts Info: Retrieving plugin Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Could not find node statement with name 'default' or 'xyz.ast.com' on node xyz.ast.com Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run Error: Could not send report: Error 500 on SERVER: Server Error: undefined method gsub' for false:FalseClass
[[email protected] ec2-user]# puppet ssl verify
Notice: Verified CA certificate 'CN=Puppet Root CA: ff63bcc6f2ef04' fingerprint (SHA256) 48:3C:9E:6A:91:A1:4A:D9:6A:06:CB:36:F9:36:0D:03:C4:2F:C0:62:7E:89:5A:EB:48:A0:A5:21:E1:B6:8F:43
Notice: Verified CA certificate 'CN=Puppet CA: xyz.ast.com' fingerprint (SHA256) 15:22:BA:FE:40:74:71:52:90:C2:7F:10:CA:5F:DC:0F:10:78:BC:98:21:F3:CC:F7:C2:7E:50:11:A9:23:A4:1F
Notice: Verified client certificate 'CN=xyz.ast.com' fingerprint (SHA256) F8:CA:81:03:4D:C2:EC:52:4B:22:B3:32:0A:6B:3B:67:ED:3B:26:1B:03:A5:D6:44:1B:8A:7F:1D:8B:C3:C7:A0

`

[erdogancel]

This is my puppet.conf
`[master]
dns_alt_names = xyz.ast.com, xyz.ast,puppetserver.example.com,puppetmaster,puppet
server = xyz.ast.com
autosign = true
reports = false

[server]
vardir = /opt/puppetlabs/server/data/puppetserver
logdir = /var/log/puppetlabs/puppetserver
rundir = /var/run/puppetlabs/puppetserver
pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
codedir = /etc/puppetlabs/code

[main]
server = xyz.ast.com
certname = xyz.ast.com
# Run every 30 minutes.
runinterval = 1800
`

[erdogancel]

on-prem node gets this error.
Info: Using configured environment 'production' Info: Retrieving pluginfacts Info: Retrieving plugin Info: Caching catalog for xyz.ast.com Info: Applying configuration version '1682021233' Notice: Applied catalog in 0.01 seconds Error: Could not send report: Error 500 on SERVER: Server Error: undefined method gsub' for false:FalseClass
`