Menu
My sytem username is myuser but I'm trying to bootstrap machines with a chef-validator.pem and then a blah.pem file, and getting the following error message:
ERROR: Failed to authenticate to https://mychef01 as blah with key
/etc/chef/blah.pem.
Response: Invalid signature for user or client 'blah'
Does this mean that the blah.pem file is invalid, or does it mean that it needs to match my system username (so, myuser.pem)? Either way, what is the root problem and what is the fix?
239
A chef-client is an agent that runs locally on every node that is under management by Chef. When a chef-client is run, it will perform all of the steps that are required to bring the node into the expected state, including: Registering and authenticating the node with the Chef server.
If you want to check the Chef Server version, you need to use chef-server-ctl version command.
The timestamp of the message is checked to ensure the request was received within a reasonable amount of time. One approach generating the signed headers is to use mixlib-authentication, which is a class-based header signing authentication object similar to the one used by the chef-client.
From the Administration tab in chef name-validator.pem is generated from Organization level, while name.pem is generated from the User level. You may not have generated the user level pem yet.
180
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
