[chef] Re: validation.pem seems to stop working after 24-48 hours.

[Adam Jacob < >]

On Mon, May 16, 2011 at 2:24 PM, Jason J. W. Williams
<
 >
 wrote:
> I've got a strange issue where my bootstraps start failing after using
> the same validation.pem for more than 24-48 hours. The only way to fix
> it is to do a "knife client regenerate" to generate a new private key.
> Would really like to figure out why validation.pem stops working for
> authentication after 24 hours. When I run "openssl rsa -in
> validation.pem -pubout" I get the same public key that's listed in the
> Chef WebUI for chef-validator. It's not a time sync problem, because
> if I run knife with my own client key for my laptop, authentication is
> fine, but the minute I do "-k validation.pem" I get 401 Unauthorized.
> Any help is greatly appreciated. Regenerating chef-validator every 24
> hours is getting old.

I know you're going to hate my asking this - but are you sure you
aren't having a time problem? On your laptop, when you use -k, are you
also setting -u to the validators client name?

Adam

-- 
Opscode, Inc.
Adam Jacob, Chief Product Officer
T: (206) 619-7151 E: