I am fairly new to Chef and have installed a chef server 11 on Node1, I have done successfully setup for workstation on Node2 and when I get user list I am getting all the user list
[root@Staging3 .chef]# knife user list
admin
root
But when I issue knife bootstrap I am getting following error.
[root@Staging3 .chef]# knife bootstrap 10.4.6.214 -x root -N slave1 --sudo
Doing old-style registration with the validation key at /opt/chef/chef-repo/.chef/chef-validator.pem...
Delete your validation key in order to use your user credentials instead
Connecting to X.X.X.X
[email protected]'s password:
X.X.X.X Starting first Chef Client run...
X.X.X.X Starting Chef Client, version 12.1.1
X.X.X.X Creating a new client identity for slave1 using the validator key.
X.X.X.X [2015-03-19T00:42:00+05:30] ERROR: SSL Validation failure connecting to host: staging4.akosha.com - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
X.X.X.X
X.X.X.X ================================================================================
X.X.X.X Chef encountered an error attempting to create the client "slave1"
X.X.X.X ================================================================================
X.X.X.X
X.X.X.X [2015-03-19T00:42:00+05:30] FATAL: Stacktrace dumped to /var/chef/cache/chef-stacktrace.out
X.X.X.X Chef Client failed. 0 resources updated in 6.045009421 seconds
X.X.X.X [2015-03-19T00:42:00+05:30] ERROR: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
X.X.X.X [2015-03-19T00:42:00+05:30] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
I have read all the blog for doing client setup but haven't came across any solution, Any help would be appreciated in this....
I thought there might be some problem from my chef workstation but it wasn't
[root@Staging3 chef-repo]# knife ssl check -s https://staging4.akosha.com
Connecting to host staging4.akosha.com:443
Successfully verified certificates from `staging4.akosha.com'
This helps us ensure that our systems are secure and run smoothly – without the risk of human error. In this post, we'll talk about how to automate your certificate installation using Chef in the same way. We'll provision an Nginx web server and install an SSL certificate to securely display a web page.
You can use the knife ssl check command to verify whether the Chef SSL certificate is installed properly on your local machine. You should execute ssl check command inside the chef repository directory. If not, you'll get the “No knife configuration file found” error message as shown below.
There is some info here you can look at:
https://docs.chef.io/chef_client_security.html
With Chef 12 you need to run the command:
knife ssl fetch
Alternately you can turn of ssl verification in the knife.rb file with this setting:
ssl_verify_mode :verify_none
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With