We help IT Professionals succeed at work.
Get Started

connection verification failed between knife and chef server

185 Views
Last Modified: 2016-04-08
I am not sure if I can get help for this topic about chef software.

I was following this link to https://learn.chef.io/manage-a-node/windows/set-up-your-chef-server/, but the ssl check failed. I know I didn't do any steps to configure ssl, but how can I do it here.

thanks.


Windows PowerShell
Copyright (C) 2009 Microsoft Corporation. All rights reserved.

PS C:\Windows\system32> cd "C:\Users\Yuj\chef-repo\.chef"
PS C:\Users\Yuj\chef-repo\.chef> .\knife.rb jasony.pem
PS C:\Users\Yuj\chef-repo\.chef>
[12868:19864:0330/164413:VERBOSE1:crash_service_main.cc(68)] Session start. cmdline is [--reporter-url=https://ticinocrashreporter.azurewebsites.net/crash --application-name=VSCode --v=1]
[12868:19864:0330/164413:VERBOSE1:crash_service.cc(142)] window handle is 003A1BBC
[12868:19864:0330/164413:VERBOSE1:crash_service.cc(290)] pipe name is \\.\pipe\VSCode Crash Service
dumps at C:\Users\adm-YuJ\AppData\Local\Temp\VSCode Crashes
[12868:19864:0330/164413:VERBOSE1:crash_service.cc(294)] checkpoint is C:\Users\adm-YuJ\AppData\Local\Temp\VSCode Crashes\crash_checkpoint.txt
server is https://ticinocrashreporter.azurewebsites.net/crash
maximum 128 reports/day
reporter is electron-crash-service
[12868:19864:0330/164413:VERBOSE1:crash_service_main.cc(84)] Ready to process crash requests
[12868:4060:0330/164413:VERBOSE1:crash_service.cc(323)] client start. pid = 7796
[12868:4060:0330/164413:VERBOSE1:crash_service.cc(323)] client start. pid = 6696
[11620:1892:0330/164414:VERBOSE1:crash_service_main.cc(68)] Session start. cmdline is [--reporter-url=https://ticinocrashreporter.azurewebsites.net/crash --application-name=VSCode --v=1]
[11620:1892:0330/164414:VERBOSE1:crash_service.cc(142)] window handle is 003A148E
[11620:1892:0330/164414:VERBOSE1:crash_service.cc(290)] pipe name is \\.\pipe\VSCode Crash Service
dumps at C:\Users\adm-YuJ\AppData\Local\Temp\VSCode Crashes
[11620:1892:0330/164414:VERBOSE1:crash_service.cc(294)] checkpoint is C:\Users\adm-YuJ\AppData\Local\Temp\VSCode Crashes\crash_checkpoint.txt
server is https://ticinocrashreporter.azurewebsites.net/crash
maximum 128 reports/day
reporter is electron-crash-service
[11620:1892:0330/164414:ERROR:crash_service.cc(301)] could not start dumper

PS C:\Users\Yuj\chef-repo\.chef>
PS C:\Users\Yuj\chef-repo\.chef>
PS C:\Users\Yuj\chef-repo\.chef> knife ssl check
Connecting to host jboss-testvm.na.kfy.com:443
ERROR: The SSL certificate of jboss-testvm.na.kfy.com could not be verified
Certificate issuer data: /C=US/O=YouCorp/OU=Operations/CN=jboss-testvm.na.kfy.com

Configuration Info:

OpenSSL Configuration:
* Version: OpenSSL 1.0.1l 15 Jan 2015
* Certificate file: C:/projects/openssl/knap-build/var/knapsack/software/x86-windows/openssl/1.0.1r/ssl/cert.pem
* Certificate directory: C:/projects/openssl/knap-build/var/knapsack/software/x86-windows/openssl/1.0.1r/ssl/certs
Chef SSL Configuration:
* ssl_ca_path: nil
* ssl_ca_file: "C:/opscode/chef/embedded/ssl/certs/cacert.pem"
* trusted_certs_dir: "c:\\users\\yuj\\chef-repo\\.chef\\trusted_certs"

TO FIX THIS ERROR:

If the server you are connecting to uses a self-signed certificate, you must
configure chef to trust that server's certificate.

By default, the certificate is stored in the following location on the host
where your chef-server runs:

  /var/opt/opscode/nginx/ca/SERVER_HOSTNAME.crt

Copy that file to your trusted_certs_dir (currently: c:\users\yuj\chef-repo\.chef\trusted_certs)
using SSH/SCP or some other secure method, then re-run this command to confirm
that the server's certificate is now trusted.

PS C:\Users\Yuj\chef-repo\.chef> cd ..
PS C:\Users\Yuj\chef-repo> dir

Open in new window

Comment
Watch Question
CERTIFIED EXPERT
Commented:
This problem has been solved!
Unlock 1 Answer and 2 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE