- From: Elias Abacioglu <
>
- To:
- Subject: [chef] node chef first run unauthorized..
- Date: Wed, 16 Sep 2015 12:25:38 +0200
Hi,
I have installed chef-server v12.2.0.
When I run chef-client for the first time on a new node to bootstrap it I get following output:
Creating a new client identity for node01.something using the validator key.
[2015-09-16T12:01:15+02:00] INFO: Client key /etc/chef/client.pem is not present - registering
[2015-09-16T12:01:15+02:00] INFO: HTTP Request Returned 401 Unauthorized: error
================================================================================
Chef encountered an error attempting to create the client "node01.something"
================================================================================
Authentication Error:
---------------------
Failed to authenticate to the chef server (http 401).
Server Response:
----------------
Invalid signature for user or client 'ORG-validator'
Relevant Config Settings:
-------------------------
chef_server_url "https://chef.something/organizations/ORG"
validation_client_name "ORG-validator"
validation_key "/etc/chef/validation.pem"
If these settings are correct, your validation_key may be invalid. validation client name is the name I got from when I created organization ORG.
validation key is the from ORG-validator.
the client.rb looks like this:
log_level :info
log_location STDOUT
ssl_verify_mode :verify_none
chef_server_url "https://chef.something/organizations/ORG"
validation_client_name "ORG-validator"
file_backup_path "/var/lib/chef/backup"
file_cache_path "/var/cache/chef"
pid_file "/var/run/chef/client.pid"
Mixlib::Log::Formatter.show_time = trueSo how do I verify that my validator key is correct or incorrect?
How do I know if something else is broken?
openssl rsa -in ORG-validator.pem -pubout
does not match:
knife client key show ORG-validator default
- [chef] node chef first run unauthorized.., Elias Abacioglu, 09/16/2015
Archive powered by MHonArc 2.6.16.