diff --git a/doc/puppet/README.md b/doc/puppet/README.md
index 499c744..0615c27 100644
--- a/doc/puppet/README.md
+++ b/doc/puppet/README.md
@@ -29,3 +29,21 @@ these steps are required when adding additional puppet masters, as the subject a
 
     sudo systemctl start puppetserver
     sudo cp /root/current_crl.pem /etc/puppetlabs/puppet/ssl/crl.pem
+
+
+## troubleshooting
+
+### Issue 1:
+
+    [sysadmin@ausyd1nxvm2056 ~]$ sudo puppet agent -t
+    Error: The CRL issued by 'CN=Puppet CA: prodinf01n01.main.unkin.net' is missing
+
+Find another puppetserver that IS working, copy the `/etc/puppetlabs/puppet/ssl/crl.pem` to this host, run puppet again.
+
+
+### Issue 2:
+
+    [sysadmin@ausyd1nxvm2097 ~]$ sudo puppet agent -t
+    Error: Failed to parse CA certificates as PEM
+
+The puppet-agents CA cert `/etc/puppetlabs/puppet/ssl/certs/ca.pem` is empty or missing. Grab it from any other host. Run puppet again.