Puppet weird SSL error: SSL_read:: pkcs1 padding too short

While setting a puppet agent to talk to my puppetmaster I’ve got this weird SSL error:

Error: SSL_read:: pkcs1 padding too short

Debugging both on the agent and master sides didn’t offered much information.

On the master:

puppet master --no-daemonize --debug

On the agent:

puppet agent --test --debug

Although I had my master using 3.0.1 and the tested agent using 2.7, the problem didn’t look related to that. People @ #puppet also haven’t seen this error before.

I figured the problem reduced to an issue with openssl. So, I checked versions and there I got! agent’s openssl is using version 1.0.0j-1.43.amzn1 and master’s was using openssl-0.9.8b-10.el5_2.1 So I upgraded master’s openssl to openssl.i686 0:0.9.8e-22.el5_8.4 and voilá, the problem is gone.

I learned that there has been a patch in OpenSSL’s VCS that is apparently related to the issue. Hope this helps if you got into the described situation.