Thanks. I’m running the berks-api service with ssl_verify = false, so I just had to use http instead of https protocol in my source line in the Berksfile and it worked. source
http://myserver.comain.com:26200 I will try running the berks-api service with SSL though, and try your idea. Chris From: Peter Burkholder [mailto:
Hi Chris, 1) get the ssl cert from your chef server with: knife ssl fetch https://my.chefserver.net and it will be stored in .chef/trusted_certs/my_chef_server.pem 2) then use that pem file as the CA for your berks stuff by putting the following as the first line of your Berksfile: ENV['SSL_CERT_FILE'] = '.chef/trusted_certs/my_chef_server.pem' That may help, -Peter On Wed, Apr 15, 2015 at 11:08 AM, Fouts, Chris <
" target="_blank">
> wrote: Thanks, but the “berks install” (NOT berks upload) does not accept the –ssl-verify=false option. Chris From: Michel Blankleder [mailto:
" target="_blank">
]
Hi, I had the same error a while ago and --ssl-verify=false solved the issue. berks upload cookbook_name --ssl-verify=false Hope it helps Michel On Wed, Apr 15, 2015 at 11:30 AM, Fouts, Chris <
" target="_blank">
> wrote: I set up an organization called berks-api on my Chef 12 Enterprise server to act as my Berks API server, and setup berkshelf-api. I then ran berks-api with $ berks-api –c ~/.berkshelf/api-server/config.json ..where my config.json file looks like { "endpoints": [ { "type": "chef_server", "options": { "url": "https://myserver.domain.com/organizations/berks-api", "client_name": "jenkins", "client_key": "/etc/berkshelf/api-server/jenkins.pem",
"ssl_verify" : false } } ] } …and see the following on my terminal, so I know it’s working. [2015-04-14T18:49:12.737950 #10033] INFO -- : Cache manager starting... I, [2015-04-14T18:49:12.738207 #10033] INFO -- : Loading save from /root/.berkshelf/api-server/cerch W, [2015-04-14T18:49:12.739368 #10033] WARN -- : Endpoints in config have changed - invalidating cache I, [2015-04-14T18:49:12.739465 #10033] INFO -- : Cache contains 0 items I, [2015-04-14T18:49:12.740341 #10033] INFO -- : Cache Builder starting... I, [2015-04-14T18:49:12.846975 #10033] INFO -- : REST Gateway listening on
0.0.0.0:26200 I, [2015-04-14T18:49:12.887143 #10033] INFO -- : Processing chef_server:
https://myserver.domain.com/organizations/berks-api I, [2015-04-14T18:49:12.963418 #10033] INFO -- : Found 25 cookbooks from chef_server:
https://myserver.domain.com/organizations/berks-api I, [2015-04-14T18:49:12.964527 #10033] INFO -- : Processing metadata for 25 cookbooks with 0 remaining on chef_server:
https://myserver.domain.com/organizations/berks-api I’m able to upload cookbooks to the berks-api server. Now I want to use Berkshelf magic to get cookbooks from it. My Berkshelf file looks like this source “https://myserver.domain.com/organizations/berks-api:26200” metadata cookbook “linux_role” When I do a berks install, I get Fetching cookbook index from
https://myserver.domain.com:26200... /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:920:in `connect': SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A (Faraday::SSLError) from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:920:in `block in connect' from /opt/chef/embedded/lib/ruby/2.1.0/timeout.rb:91:in `block in timeout' from /opt/chef/embedded/lib/ruby/2.1.0/timeout.rb:101:in `call' from /opt/chef/embedded/lib/ruby/2.1.0/timeout.rb:101:in `timeout' from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:920:in `connect' from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:863:in `do_start' from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:852:in `start' from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:1369:in `request' from /opt/chef/embedded/lib/ruby/2.1.0/net/http.rb:1128:in `get' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/adapter/net_http.rb:80:in `perform_request' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/adapter/net_http.rb:40:in `block in call' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/adapter/net_http.rb:87:in `with_net_http_connection' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/adapter/net_http.rb:32:in `call' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/request/retry.rb:110:in `call' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/response.rb:8:in `call' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/response.rb:8:in `call' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/rack_builder.rb:139:in `build_response' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/connection.rb:377:in `run_request' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/faraday-0.9.1/lib/faraday/connection.rb:140:in `get' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/berkshelf-api-client-1.2.1/lib/berkshelf/api_client/connection.rb:62:in `universe' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/berkshelf-3.2.3/lib/berkshelf/source.rb:22:in `build_universe' from /opt/chef/embedded/lib/ruby/gems/2.1.0/gems/berkshelf-3.2.3/lib/berkshelf/installer.rb:21:in `block (2 levels) in build_universe' Is there an SSL setup I’m missing? I just want to disable SSL on the organization, if possible? Chris
-- |
Archive powered by MHonArc 2.6.16.