ghost@fox:~/.chef$ knife ssl check -VVDEBUG: Checking SSL cert on https://lion

1. ghost@fox:~/.chef$ knife ssl check -VV
2. DEBUG: Checking SSL cert on https://lion:443/
3. Connecting to host lion:443
4. ERROR: The SSL certificate of lion could not be verified
5. DEBUG: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
6. Certificate issuer data: /C=US/ST=WA/L=Seattle/O=YouCorp/OU=Operations/CN=lion/emailAddress=you@example.com
7.  
8. Configuration Info:
9.  
10. OpenSSL Configuration:
11. * Version: OpenSSL 1.0.1i 6 Aug 2014
12. * Certificate file: /opt/chefdk/embedded/ssl/cert.pem
13. * Certificate directory: /opt/chefdk/embedded/ssl/certs
14. Chef SSL Configuration:
15. * ssl_ca_path: nil
16. * ssl_ca_file: nil
17. * trusted_certs_dir: "/home/ghost/.chef/trusted_certs"
18.  
19. TO FIX THIS ERROR:
20.  
21. If the server you are connecting to uses a self-signed certificate, you must
22. configure chef to trust that server's certificate.
23.  
24. By default, the certificate is stored in the following location on the host
25. where your chef-server runs:
26.  
27. /var/opt/chef-server/nginx/ca/SERVER_HOSTNAME.crt
28.  
29. Copy that file to you trusted_certs_dir (currently: /home/ghost/.chef/trusted_certs)
30. using SSH/SCP or some other secure method, then re-run this command to confirm
31. that the server's certificate is now trusted.
32.  
33. ghost@fox:~/.chef$ knife ssl check -c /etc/chef/client.rb -VV
34. DEBUG: Checking SSL cert on https://lion:443/
35. Connecting to host lion:443
36. Successfully verified certificates from `lion'
37. ghost@fox:~/.chef$