chef - [chef] Re: Re: SSL Cert Error

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: Re: SSL Cert Error

From: Steven Murawski < >
To:
Subject: [chef] Re: Re: SSL Cert Error
Date: Fri, 27 Mar 2015 10:58:55 -0400

Another resource that can help in this process is http://jtimberman.housepub.org/blog/2014/12/11/chef-12-fix-untrusted-self-sign-certs/ since Chef 12 now defaults to validating certificates.

Steven Murawski

Community Software Development Engineer @ Chef

Microsoft MVP - PowerShell
http://stevenmurawski.com

On March 25, 2015 at 8:27:01 AM, Tensibai ( "> ) wrote:

Sorry for the link only answer but it should help you:

http://stackoverflow.com/questions/29131020/ssl-validation-error-coming-while-doing-chef-client-setup/29141083#29141083

Le 2015-03-25 10:24, Simon Hawkins a écrit :

Hi All,

I get the following error when trying to bootstrap a windows machine:

10.44.51.117 C:\Windows\system32>chef-client -c c:/chef/client.rb -j c:/chef/first-boot.json -E _default

10.44.51.117 [2015-03-25T09:14:28+00:00] INFO: *** Chef 12.1.2 ***

10.44.51.117 [2015-03-25T09:14:28+00:00] INFO: Chef-client pid: 2564

10.44.51.117 [2015-03-25T09:15:03+00:00] INFO: Client key c:/chef/client.pem is not present - registering

10.44.51.117 [2015-03-25T09:15:03+00:00] ERROR: SSL Validation failure connecting to host: myserver.local - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

10.44.51.117

10.44.51.117 ================================================================================

10.44.51.117 Chef encountered an error attempting to create the client "node3"

10.44.51.117 ================================================================================

10.44.51.117

10.44.51.117 [2015-03-25T09:15:03+00:00] FATAL: Stacktrace dumped to c:/chef/cache/chef-stacktrace.out

10.44.51.117 [2015-03-25T09:15:03+00:00] FATAL: NoMethodError: undefined method `run_id' for nil:NilClass

If on my chef workstation I run:

Knife ssl check

Connecting to host myserver.local:443

Successfully verified certificates from `myserver.local'

Do I somehow need to send the cert out on the chef-client run somehow so the machine I am bootstrapping can verify the cert?

Cheers,

Simon.

Disclaimer

This message is intended only for the use of the person(s) ("Intended Recipient") to whom it is addressed. It may contain information which is privileged and confidential. Accordingly any dissemination, distribution, copying or other use of this message or any of its content by any person other than the Intended Recipient may constitute a breach of civil or criminal law and is strictly prohibited. If you are not the Intended Recipient, please contact the sender as soon as possible.

Totaljobs Group Limited Registered Office: Bluefin Building, 110 Southwark Street, London, SE1 0TA, UK Registered in England and Wales under company no. 4269861

[chef] SSL Cert Error, Simon Hawkins, 03/25/2015
- [chef] Re: SSL Cert Error, Jayant Kaushal, 03/25/2015
  - [chef] RE: Re: SSL Cert Error, Simon Hawkins, 03/25/2015
- [chef] Re: SSL Cert Error, Tensibai, 03/25/2015
  - [chef] Re: Re: SSL Cert Error, Steven Murawski, 03/27/2015