Disclaimer: This post is trivial and is mostly just here so google can help people solve this problem a bit faster.
When trying to install a puppet module using the puppet module tool I go the following error:
root@puppetboard:~# puppet module install nibalizer-puppetboard
Notice: Preparing to install into /etc/puppet/modules ...
Notice: Downloading from https://forgeapi.puppetlabs.com ...
Error: Could not connect via HTTPS to https://forgeapi.puppetlabs.com
Unable to verify the SSL certificate
The certificate may not be signed by a valid CA
The CA bundle included with OpenSSL may not be valid or up to date
I ran the obvious to try to fix it:
root@puppetboard:~# sudo apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@puppetboard:~# sudo apt-get dist-upgrade -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
But didn't find the answer until I started using openssl to debug:
root@puppetboard:~# openssl s_client -connect foregapi.puppetlabs.com:443
-bash: openssl: command not found
root@puppetboard:~# sudo apt-get install openssl
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
bind9-host libdns81 libisccc80 liblwres80 libbind9-80 geoip-database libgeoip1 libisccfg82 libisc83
Use 'apt-get autoremove' to remove them.
Suggested packages:
ca-certificates
The following NEW packages will be installed:
openssl
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 523 kB of archives.
After this operation, 923 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu/ precise-updates/main openssl amd64 1.0.1-4ubuntu5.14 [523 kB]
Fetched 523 kB in 2s (221 kB/s)
Selecting previously unselected package openssl.
(Reading database ... 14469 files and directories currently installed.)
Unpacking openssl (from .../openssl_1.0.1-4ubuntu5.14_amd64.deb) ...
^PSetting up openssl (1.0.1-4ubuntu5.14) ...
^C^C^C^C^C
Aha! In the 'Suggested Packages' section the ca-certificates package is suggested and that means that package is not installed.
I installed that package and everything went back to working. This is basically caused because the lxc template for precise doesn't bring the ca-certificates package along with it. Awesome. Strong job ubuntu. Way to go. Those 15k of files were really slowing people down.
