Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ghost@fox:~/.chef$ knife ssl check -VV
- DEBUG: Checking SSL cert on https://lion:443/
- Connecting to host lion:443
- ERROR: The SSL certificate of lion could not be verified
- DEBUG: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
- Certificate issuer data: /C=US/ST=WA/L=Seattle/O=YouCorp/OU=Operations/CN=lion/emailAddress=you@example.com
- Configuration Info:
- OpenSSL Configuration:
- * Version: OpenSSL 1.0.1i 6 Aug 2014
- * Certificate file: /opt/chefdk/embedded/ssl/cert.pem
- * Certificate directory: /opt/chefdk/embedded/ssl/certs
- Chef SSL Configuration:
- * ssl_ca_path: nil
- * ssl_ca_file: nil
- * trusted_certs_dir: "/home/ghost/.chef/trusted_certs"
- TO FIX THIS ERROR:
- If the server you are connecting to uses a self-signed certificate, you must
- configure chef to trust that server's certificate.
- By default, the certificate is stored in the following location on the host
- where your chef-server runs:
- /var/opt/chef-server/nginx/ca/SERVER_HOSTNAME.crt
- Copy that file to you trusted_certs_dir (currently: /home/ghost/.chef/trusted_certs)
- using SSH/SCP or some other secure method, then re-run this command to confirm
- that the server's certificate is now trusted.
- ghost@fox:~/.chef$ knife ssl check -c /etc/chef/client.rb -VV
- DEBUG: Checking SSL cert on https://lion:443/
- Connecting to host lion:443
- Successfully verified certificates from `lion'
- ghost@fox:~/.chef$
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement