I have installed chef client 12.0.3
, on top of it I have install chef-dk version 0.3.5
but why chef-dk is installing chef client version Chef: 11.18.0.rc.1
Error:
E, [2015-01-08T04:58:36.707534 #22533] ERROR -- : Ridley::Errors::ClientError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
E, [2015-01-08T04:58:36.708931 #22533] ERROR -- : /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/celluloid-0.16.0/lib/celluloid/responses.rb:29:in `value'
/opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/celluloid-0.16.0/lib/celluloid/calls.rb:92:in `value'
/opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/celluloid-0.16.0/lib/celluloid/proxies/sync_proxy.rb:33:in `method_missing'
/opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/celluloid-0.16.0/lib/celluloid/proxies/cell_proxy.rb:17:in `_send_
There was an error connecting to the Chef Server
It is failing the SSL verification process. Follow these instructions to fix it for knife. For berkshelf you can disable SSL verification in your config.json
or you can set $SSL_CERT_FILE
to the downloaded server certificate.
This is a berks related issue.
You can cancel the ssl verify option in berks config file:
echo '{"ssl": { "verify": false }}' > ~/.berkshelf/config.json
As I'm a big fan of fixing the error instead of fixing the symptom here is what you can do to be sure the SSL connection works with validation (with a little more detail than coderanger one):
1) Get the server certificate and add it to the cacert.pem file of chef-dk
openssl s_client -showcerts -connect <YOUR_CHEF_SERVER>:443 </dev/null 2>/dev/null|openssl x509 -outform PEM >> /opt/chefdk/embedded/ssl/certs/cacert.pem
2) set the env variables for ssl libs:
export SSL_CERT_FILE=/opt/chefdk/embedded/ssl/certs/cacert.pem
Retry your upload and it should work.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With