Re: Installation Failure (PEBKAC, more than likely)

[Adam Jacob <adam@opscode.com>]

It looks like you generated the certificates with capitalized
hostnames that are not fully qualified, which is your issue. The SSL
certificate must match the fqdn you are using in chef - so try again
with certificates build for cn=puck.xxx.xxx.com.

Adam

On Wed, Jun 17, 2009 at 10:16 AM, Joseph Smith<joseph.smith@5to1.com> wrote:
> Hello All -
>
> I'm having issues running chef-client post-validation through the webUI,
> wondered if anyone can spot my 'gotcha'.
> Error as reported in server.log:
>  ~ WARNING: making https request to
> https://puck.test.5to1.com/openid/server/node/Titania without verifying
> server certificate; no CA path was specified.
>  ~ Discovery failed for https://puck.XXX.XXX.com/openid/server/node/Titania:
> Failed to fetch identity URL
> https://puck.XXX.XXX.com/openid/server/node/Titania : Error connecting to
> SSL URL https://puck.XXX.XXX.com/openid/server/node/Titania: hostname does
> not match - (Merb::ControllerExceptions::BadRequest)
> Error running chef-client on Titania:  (Titania.XXX.XXX.com)
> /usr/lib/ruby/1.8/open-uri.rb:32:in `initialize': Permission denied -
> /var/log/chef/client.log (Errno::EACCES)
>   (let me know if trace is important)
> @Titania:  openssl s_client -connect puck.XXX.XXX.com
> ...
> CN result:
> subject=/C=US/ST=Several/L=Locality/O=Example/OU=Operations/CN=Puck./emailAddress=ops@
> issuer=/C=US/ST=Several/L=Locality/O=Example/OU=Operations/CN=Puck./emailAddress=ops@
>
> Notes:
> OS:  Ubuntu 8.10
> Puck and Titania are on the same subnet
>
>
>



-- 
Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-4759 E: adam@opscode.com